aboutsummaryrefslogtreecommitdiffstats
path: root/recipes/openssl
diff options
context:
space:
mode:
authorDenys Dmytriyenko <denis@denix.org>2009-03-17 14:32:59 -0400
committerDenys Dmytriyenko <denis@denix.org>2009-03-17 14:32:59 -0400
commit709c4d66e0b107ca606941b988bad717c0b45d9b (patch)
tree37ee08b1eb308f3b2b6426d5793545c38396b838 /recipes/openssl
parentfa6cd5a3b993f16c27de4ff82b42684516d433ba (diff)
downloadopenembedded-709c4d66e0b107ca606941b988bad717c0b45d9b.tar.gz
openembedded-709c4d66e0b107ca606941b988bad717c0b45d9b.tar.bz2
openembedded-709c4d66e0b107ca606941b988bad717c0b45d9b.zip
rename packages/ to recipes/ per earlier agreement
See links below for more details: http://thread.gmane.org/gmane.comp.handhelds.openembedded/21326 http://thread.gmane.org/gmane.comp.handhelds.openembedded/21816 Signed-off-by: Denys Dmytriyenko <denis@denix.org> Acked-by: Mike Westerhof <mwester@dls.net> Acked-by: Philip Balister <philip@balister.org> Acked-by: Khem Raj <raj.khem@gmail.com> Acked-by: Marcin Juszkiewicz <hrw@openembedded.org> Acked-by: Koen Kooi <koen@openembedded.org> Acked-by: Frans Meulenbroeks <fransmeulenbroeks@gmail.com>
Diffstat (limited to 'recipes/openssl')
-rw-r--r--recipes/openssl/openssl-0.9.7e/armeb.patch20
-rw-r--r--recipes/openssl/openssl-0.9.7e/debian.patch2589
-rw-r--r--recipes/openssl/openssl-0.9.7e/gnueabi-arm.patch15
-rw-r--r--recipes/openssl/openssl-0.9.7g/armeb.patch18
-rw-r--r--recipes/openssl/openssl-0.9.7g/armeb.patch.lock0
-rw-r--r--recipes/openssl/openssl-0.9.7g/avr32.patch10
-rw-r--r--recipes/openssl/openssl-0.9.7g/debian.patch2808
-rw-r--r--recipes/openssl/openssl-0.9.7g/debian.patch.lock0
-rw-r--r--recipes/openssl/openssl-0.9.7g/gnueabi-arm.patch15
-rw-r--r--recipes/openssl/openssl-0.9.7g/gnueabi-arm.patch.lock0
-rw-r--r--recipes/openssl/openssl-0.9.7g/gnueabi-armeb.patch10
-rw-r--r--recipes/openssl/openssl-0.9.7g/gnueabi-armeb.patch.lock0
-rw-r--r--recipes/openssl/openssl-0.9.7g/uclibcgnueabi.patch12
-rw-r--r--recipes/openssl/openssl-0.9.7m/armeb.patch18
-rw-r--r--recipes/openssl/openssl-0.9.7m/avr32.patch10
-rw-r--r--recipes/openssl/openssl-0.9.7m/debian.patch832
-rw-r--r--recipes/openssl/openssl-0.9.7m/gnueabi-arm.patch15
-rw-r--r--recipes/openssl/openssl-0.9.7m/gnueabi-armeb.patch10
-rw-r--r--recipes/openssl/openssl-0.9.7m/uclibcgnueabi.patch12
-rw-r--r--recipes/openssl/openssl-0.9.8g/configure-targets.patch24
-rw-r--r--recipes/openssl/openssl-0.9.8g/debian.patch1280
-rw-r--r--recipes/openssl/openssl-0.9.8g/shared-libs.patch45
-rw-r--r--recipes/openssl/openssl-0.9.8j/configure-targets.patch24
-rw-r--r--recipes/openssl/openssl-0.9.8j/debian.patch561
-rw-r--r--recipes/openssl/openssl-0.9.8j/shared-libs.patch81
-rw-r--r--recipes/openssl/openssl-native_0.9.7g.bb16
-rw-r--r--recipes/openssl/openssl-native_0.9.7m.bb20
-rw-r--r--recipes/openssl/openssl-native_0.9.8g.bb24
-rw-r--r--recipes/openssl/openssl-native_0.9.8j.bb24
-rw-r--r--recipes/openssl/openssl.inc95
-rw-r--r--recipes/openssl/openssl_0.9.7e.bb7
-rw-r--r--recipes/openssl/openssl_0.9.7g.bb12
-rw-r--r--recipes/openssl/openssl_0.9.7m.bb12
-rw-r--r--recipes/openssl/openssl_0.9.8g.bb11
-rw-r--r--recipes/openssl/openssl_0.9.8j.bb11
35 files changed, 8641 insertions, 0 deletions
diff --git a/recipes/openssl/openssl-0.9.7e/armeb.patch b/recipes/openssl/openssl-0.9.7e/armeb.patch
new file mode 100644
index 0000000000..46632d568a
--- /dev/null
+++ b/recipes/openssl/openssl-0.9.7e/armeb.patch
@@ -0,0 +1,20 @@
+Index: openssl-0.9.7e/Configure
+===================================================================
+--- openssl-0.9.7e.orig/Configure 2005-02-03 00:58:18.600626232 -0500
++++ openssl-0.9.7e/Configure 2005-02-03 00:59:59.178336096 -0500
+@@ -385,6 +385,7 @@
+ "debian-alpha-ev4","gcc:-DTERMIO -O3 -mcpu=ev4 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_UNROLL:${alpha_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+ "debian-alpha-ev5","gcc:-DTERMIO -O3 -mcpu=ev5 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_UNROLL:${alpha_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+ "debian-arm","gcc:-DL_ENDIAN -DTERMIO -O2 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-armeb","gcc:-DB_ENDIAN -DTERMIO -O2 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+ #"debian-amd64","gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+ "debian-amd64", "gcc:-m64 -DL_ENDIAN -DTERMIO -O3 -Wall -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK RC4_CHAR BF_PTR2 DES_INT DES_UNROLL:asm/x86_64-gcc.o:::::::::dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+ #"debian-freebsd-alpha","gcc:-DTERMIOS -O -fomit-frame-pointer::(unknown):::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_PTR DES_RISC2::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+@@ -460,6 +461,7 @@
+
+ # Linux on ARM
+ "linux-elf-arm","gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"linux-elf-armeb","gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+
+ # SCO/Caldera targets.
+ #
diff --git a/recipes/openssl/openssl-0.9.7e/debian.patch b/recipes/openssl/openssl-0.9.7e/debian.patch
new file mode 100644
index 0000000000..475c0c847f
--- /dev/null
+++ b/recipes/openssl/openssl-0.9.7e/debian.patch
@@ -0,0 +1,2589 @@
+--- openssl-0.9.7e.orig/apps/CA.pl
++++ openssl-0.9.7e/apps/CA.pl
+@@ -1,4 +1,4 @@
+-#!/usr/bin/perl
++#!/usr/local/bin/perl
+ #
+ # CA - wrapper around ca to make it easier to use ... basically ca requires
+ # some setup stuff to be done before you can use it and this makes
+--- openssl-0.9.7e.orig/apps/der_chop.in
++++ openssl-0.9.7e/apps/der_chop.in
+@@ -1,4 +1,4 @@
+-#!/usr/local/bin/perl
++#!/usr/bin/perl
+ #
+ # der_chop ... this is one total hack that Eric is really not proud of
+ # so don't look at it and don't ask for support
+--- openssl-0.9.7e.orig/apps/progs.h
++++ openssl-0.9.7e/apps/progs.h
+@@ -36,9 +36,7 @@
+ extern int smime_main(int argc,char *argv[]);
+ extern int rand_main(int argc,char *argv[]);
+ extern int prime_main(int argc,char *argv[]);
+-#ifndef OPENSSL_NO_ENGINE
+ extern int engine_main(int argc,char *argv[]);
+-#endif
+ extern int ocsp_main(int argc,char *argv[]);
+
+ #define FUNC_TYPE_GENERAL 1
+@@ -95,9 +93,7 @@
+ #if !defined(OPENSSL_NO_SOCK) && !(defined(OPENSSL_NO_SSL2) && defined(OPENSSL_NO_SSL3))
+ {FUNC_TYPE_GENERAL,"s_client",s_client_main},
+ #endif
+-#ifndef OPENSSL_NO_SPEED
+ {FUNC_TYPE_GENERAL,"speed",speed_main},
+-#endif
+ #if !defined(OPENSSL_NO_SOCK) && !(defined(OPENSSL_NO_SSL2) && defined(OPENSSL_NO_SSL3))
+ {FUNC_TYPE_GENERAL,"s_time",s_time_main},
+ #endif
+@@ -117,9 +113,7 @@
+ {FUNC_TYPE_GENERAL,"smime",smime_main},
+ {FUNC_TYPE_GENERAL,"rand",rand_main},
+ {FUNC_TYPE_GENERAL,"prime",prime_main},
+-#ifndef OPENSSL_NO_ENGINE
+ {FUNC_TYPE_GENERAL,"engine",engine_main},
+-#endif
+ {FUNC_TYPE_GENERAL,"ocsp",ocsp_main},
+ #ifndef OPENSSL_NO_MD2
+ {FUNC_TYPE_MD,"md2",dgst_main},
+--- openssl-0.9.7e.orig/config
++++ openssl-0.9.7e/config
+@@ -163,8 +163,8 @@
+ echo "${MACHINE}-whatever-linux1"; exit 0
+ ;;
+
+- GNU*)
+- echo "hurd-x86"; exit 0;
++ GNU:*|GNU/*:*)
++ echo "${MACHINE}-gnuish"; exit 0;
+ ;;
+
+ LynxOS:*)
+--- openssl-0.9.7e.orig/Configure
++++ openssl-0.9.7e/Configure
+@@ -1,4 +1,4 @@
+-:
++#!/usr/local/bin/perl
+ eval 'exec perl -S $0 ${1+"$@"}'
+ if $running_under_some_shell;
+ ##
+@@ -380,6 +380,43 @@
+ # assembler versions -- currently defunct:
+ ##"OpenBSD-alpha","gcc:-DTERMIOS -O3 -fomit-frame-pointer:::(unknown):SIXTY_FOUR_BIT_LONG DES_INT DES_PTR DES_RISC2:${alpha_asm}",
+
++# Debian GNU/* (various architectures)
++"debian-alpha","gcc:-DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_UNROLL:${alpha_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-alpha-ev4","gcc:-DTERMIO -O3 -mcpu=ev4 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_UNROLL:${alpha_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-alpha-ev5","gcc:-DTERMIO -O3 -mcpu=ev5 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_UNROLL:${alpha_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-arm","gcc:-DL_ENDIAN -DTERMIO -O2 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++#"debian-amd64","gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-amd64", "gcc:-m64 -DL_ENDIAN -DTERMIO -O3 -Wall -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK RC4_CHAR BF_PTR2 DES_INT DES_UNROLL:asm/x86_64-gcc.o:::::::::dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++#"debian-freebsd-alpha","gcc:-DTERMIOS -O -fomit-frame-pointer::(unknown):::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_PTR DES_RISC2::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++#"debian-freebsd-i386", "gcc:-DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall::-pthread -D_REENTRANT -D_THREAD_SAFE -D_THREADSAFE:::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-freebsd-i386","gcc:-DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -m486 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-hppa","gcc:-DB_ENDIAN -DTERMIO -O2 -Wall::-D_REENTRANT::-ldl:BN_LLONG MD2_CHAR RC4_INDEX::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-hurd-i386","gcc:-DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -m486 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-ia64","gcc:-DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK RC4_CHAR:asm/ia64.o:::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++#"debian-i386","gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::dlfcn:linux-shared:-fPIC",
++"debian-i386","gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-i386-i486","gcc:-DL_ENDIAN -DTERMIO -O3 -march=i486 -mcpu=i486 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-i386-i586","gcc:-DL_ENDIAN -DTERMIO -O3 -march=i586 -mcpu=i586 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-i386-i686/cmov","gcc:-DL_ENDIAN -DTERMIO -O3 -march=i686 -mcpu=i686 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-m68k","gcc:-DB_ENDIAN -DTERMIO -O2 -Wall::-D_REENTRANT::-ldl:BN_LLONG MD2_CHAR RC4_INDEX::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-mips", "gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL DES_RISC2::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-mipsel", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL DES_RISC2::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-netbsd-i386", "gcc:-DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -m486 -Wall::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-netbsd-m68k", "gcc:-DB_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -Wall::(unknown):::BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-netbsd-sparc", "gcc:-DB_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -mv8 -Wall::(unknown):::BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-openbsd-alpha","gcc:-DTERMIOS -O3 -fomit-frame-pointer::(unknown):::SIXTY_FOUR_BIT_LONG DES_INT DES_PTR DES_RISC2::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-openbsd-i386", "gcc:-DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -m486::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_out_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-openbsd-mips","gcc:-O2 -DL_ENDIAN::(unknown)::BN_LLONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC2 DES_PTR BF_PTR:::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-powerpc","gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_UNROLL DES_RISC2 DES_PTR MD2_CHAR RC4_INDEX::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-powerpc64","gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_UNROLL DES_RISC2 DES_PTR MD2_CHAR RC4_INDEX::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-s390","gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-sh3", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-sh4", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-sh3eb", "gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-sh4eb", "gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-sparc","gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-sparc-v8","gcc:-DB_ENDIAN -DTERMIO -O3 -mcpu=v8 -fomit-frame-pointer -Wall -DBN_DIV2W::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8.o:::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-sparc-v9","gcc:-DB_ENDIAN -DTERMIO -O3 -mcpu=v9 -Wa,-Av8plus -fomit-frame-pointer -Wall -DULTRASPARC -DBN_DIV2W::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8plus.o:::asm/md5-sparcv8plus.o::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+ # The intel boxes :-), It would be worth seeing if bsdi-gcc can use the
+ # bn86-elf.o file file since it is hand tweaked assembler.
+ "linux-elf", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+@@ -1297,7 +1334,8 @@
+ elsif ($shared_extension ne "" && $shared_extension =~ /^\.s([ol])\.[^\.]*\.[^\.]*$/)
+ {
+ my $sotmp = $1;
+- s/^SHARED_LIBS_LINK_EXTS=.*/SHARED_LIBS_LINK_EXTS=.s$sotmp.\$(SHLIB_MAJOR) .s$sotmp/;
++# s/^SHARED_LIBS_LINK_EXTS=.*/SHARED_LIBS_LINK_EXTS=.s$sotmp.\$(SHLIB_MAJOR) .s$sotmp/;
++ s/^SHARED_LIBS_LINK_EXTS=.*/SHARED_LIBS_LINK_EXTS=.s$sotmp/;
+ }
+ elsif ($shared_extension ne "" && $shared_extension =~ /^\.[^\.]*\.[^\.]*\.dylib$/)
+ {
+--- openssl-0.9.7e.orig/crypto/asn1/charmap.pl
++++ openssl-0.9.7e/crypto/asn1/charmap.pl
+@@ -1,4 +1,4 @@
+-#!/usr/local/bin/perl -w
++#!/usr/local/bin/perl
+
+ use strict;
+
+--- openssl-0.9.7e.orig/crypto/md5/asm/md5-sparcv9.S
++++ openssl-0.9.7e/crypto/md5/asm/md5-sparcv9.S
+@@ -74,14 +74,14 @@
+ #define Dval R8
+
+ #if defined(MD5_BLOCK_DATA_ORDER)
+-# if defined(OPENSSL_SYSNAME_ULTRASPARC)
++/*# if defined(OPENSSL_SYSNAME_ULTRASPARC)*/
+ # define LOAD lda
+ # define X(i) [%i1+i*4]%asi
+ # define md5_block md5_block_asm_data_order_aligned
+ # define ASI_PRIMARY_LITTLE 0x88
+-# else
++/*# else
+ # error "MD5_BLOCK_DATA_ORDER is supported only on UltraSPARC!"
+-# endif
++# endif*/
+ #else
+ # define LOAD ld
+ # define X(i) [%i1+i*4]
+--- openssl-0.9.7e.orig/crypto/opensslconf.h
++++ openssl-0.9.7e/crypto/opensslconf.h
+@@ -4,17 +4,38 @@
+ /* OpenSSL was configured with the following options: */
+ #ifndef OPENSSL_DOING_MAKEDEPEND
+
++#ifndef OPENSSL_NO_IDEA
++# define OPENSSL_NO_IDEA
++#endif
++#ifndef OPENSSL_NO_MDC2
++# define OPENSSL_NO_MDC2
++#endif
++#ifndef OPENSSL_NO_RC5
++# define OPENSSL_NO_RC5
++#endif
+ #ifndef OPENSSL_NO_KRB5
+ # define OPENSSL_NO_KRB5
+ #endif
+
+ #endif /* OPENSSL_DOING_MAKEDEPEND */
++#ifndef OPENSSL_THREADS
++# define OPENSSL_THREADS
++#endif
+
+ /* The OPENSSL_NO_* macros are also defined as NO_* if the application
+ asks for it. This is a transient feature that is provided for those
+ who haven't had the time to do the appropriate changes in their
+ applications. */
+ #ifdef OPENSSL_ALGORITHM_DEFINES
++# if defined(OPENSSL_NO_IDEA) && !defined(NO_IDEA)
++# define NO_IDEA
++# endif
++# if defined(OPENSSL_NO_MDC2) && !defined(NO_MDC2)
++# define NO_MDC2
++# endif
++# if defined(OPENSSL_NO_RC5) && !defined(NO_RC5)
++# define NO_RC5
++# endif
+ # if defined(OPENSSL_NO_KRB5) && !defined(NO_KRB5)
+ # define NO_KRB5
+ # endif
+@@ -27,7 +48,7 @@
+
+ #if !(defined(VMS) || defined(__VMS)) /* VMS uses logical names instead */
+ #if defined(HEADER_CRYPTLIB_H) && !defined(OPENSSLDIR)
+-#define OPENSSLDIR "/usr/local/ssl"
++#define OPENSSLDIR "/usr/lib/ssl"
+ #endif
+ #endif
+
+@@ -79,7 +100,7 @@
+
+ #if defined(HEADER_BN_H) && !defined(CONFIG_HEADER_BN_H)
+ #define CONFIG_HEADER_BN_H
+-#undef BN_LLONG
++#define BN_LLONG
+
+ /* Should we define BN_DIV2W here? */
+
+@@ -98,7 +119,7 @@
+ #define CONFIG_HEADER_RC4_LOCL_H
+ /* if this is defined data[i] is used instead of *data, this is a %20
+ * speedup on x86 */
+-#undef RC4_INDEX
++#define RC4_INDEX
+ #endif
+
+ #if defined(HEADER_BF_LOCL_H) && !defined(CONFIG_HEADER_BF_LOCL_H)
+@@ -112,14 +133,14 @@
+ /* the following is tweaked from a config script, that is why it is a
+ * protected undef/define */
+ #ifndef DES_PTR
+-#undef DES_PTR
++#define DES_PTR
+ #endif
+
+ /* This helps C compiler generate the correct code for multiple functional
+ * units. It reduces register dependancies at the expense of 2 more
+ * registers */
+ #ifndef DES_RISC1
+-#undef DES_RISC1
++#define DES_RISC1
+ #endif
+
+ #ifndef DES_RISC2
+@@ -133,7 +154,7 @@
+ /* Unroll the inner loop, this sometimes helps, sometimes hinders.
+ * Very mucy CPU dependant */
+ #ifndef DES_UNROLL
+-#undef DES_UNROLL
++#define DES_UNROLL
+ #endif
+
+ /* These default values were supplied by
+--- openssl-0.9.7e.orig/demos/tunala/configure.in
++++ openssl-0.9.7e/demos/tunala/configure.in
+@@ -1,4 +1,4 @@
+-dnl Process this file with autoconf to produce a configure script.
++#!/usr/local/bin/perl
+ AC_INIT(tunala.c)
+ AM_CONFIG_HEADER(config.h)
+ AM_INIT_AUTOMAKE(tunala, 0.0.1-dev)
+--- openssl-0.9.7e.orig/doc/Makefile
++++ openssl-0.9.7e/doc/Makefile
+@@ -0,0 +1,40 @@
++VERSION =
++
++#PODS = $(wildcard *.pod)
++#MANS = $(addsuffix .man, $(basename $(PODS)))
++
++MANS = openssl.1 ssl.3 crypto.3
++
++P2M = pod2man --center='OpenSSL Documentation' --release="OpenSSL $(VERSION)"
++
++all: manpages
++
++.PHONY: manpages
++
++manpages: openssl.1 crypto.3 ssl.3
++
++openssl.1:
++ $(P2M) --section=1 openssl.pod > openssl.1
++
++crypto.3:
++ $(P2M) --section=3 crypto.pod > crypto.3
++
++ssl.3:
++ $(P2M) --section=3 ssl.pod > ssl.3
++
++.PHONY: install
++install:
++ mkdir -p $(INSTALL_PREFIX)$(INSTALLTOP)/share/man/man1
++ mkdir -p $(INSTALL_PREFIX)$(INSTALLTOP)/share/man/man3
++ install -m 644 -p openssl.1 $(INSTALL_PREFIX)$(INSTALLTOP)/share/man/man1
++ install -m 644 -p crypto.3 $(INSTALL_PREFIX)$(INSTALLTOP)/share/man/man3
++ install -m 644 -p ssl.3 $(INSTALL_PREFIX)$(INSTALLTOP)/share/man/man3
++ rm -f $(MANS)
++
++.PHONY: clean
++clean:
++ rm -f $(MANS)
++
++.PHONY: realclean
++realclean:
++ -$(MAKE) clean
+--- openssl-0.9.7e.orig/Makefile
++++ openssl-0.9.7e/Makefile
+@@ -11,11 +11,11 @@
+ SHLIB_VERSION_HISTORY=
+ SHLIB_MAJOR=0
+ SHLIB_MINOR=9.7
+-SHLIB_EXT=
+-PLATFORM=dist
+-OPTIONS= no-krb5
+-CONFIGURE_ARGS=dist
+-SHLIB_TARGET=
++SHLIB_EXT=.so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
++PLATFORM=debian-i386
++OPTIONS=--prefix=/usr --openssldir=/usr/lib/ssl no-idea no-mdc2 no-rc5 no-krb5
++CONFIGURE_ARGS=--prefix=/usr --openssldir=/usr/lib/ssl no-idea no-mdc2 no-rc5 debian-i386
++SHLIB_TARGET=linux-shared
+
+ # HERE indicates where this Makefile lives. This can be used to indicate
+ # where sub-Makefiles are expected to be. Currently has very limited usage,
+@@ -26,10 +26,10 @@
+ # for, say, /usr/ and yet have everything installed to /tmp/somedir/usr/.
+ # Normally it is left empty.
+ INSTALL_PREFIX=
+-INSTALLTOP=/usr/local/ssl
++INSTALLTOP=/usr
+
+ # Do not edit this manually. Use Configure --openssldir=DIR do change this!
+-OPENSSLDIR=/usr/local/ssl
++OPENSSLDIR=/usr/lib/ssl
+
+ # NO_IDEA - Define to build without the IDEA algorithm
+ # NO_RC4 - Define to build without the RC4 algorithm
+@@ -59,12 +59,13 @@
+ # equal 4.
+ # PKCS1_CHECK - pkcs1 tests.
+
+-CC= cc
++#TOP=$(shell pwd)
++CC= gcc
+ #CFLAG= -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall -Wuninitialized -DSHA1_ASM -DMD5_ASM -DRMD160_ASM
+-CFLAG= -DOPENSSL_NO_KRB5 -O
+-DEPFLAG=
++CFLAG= -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -DOPENSSL_NO_KRB5 -DOPENSSL_NO_IDEA -DOPENSSL_NO_MDC2 -DOPENSSL_NO_RC5 -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall
++DEPFLAG= -DOPENSSL_NO_IDEA -DOPENSSL_NO_MDC2 -DOPENSSL_NO_RC5
+ PEX_LIBS=
+-EX_LIBS=
++EX_LIBS= -ldl
+ EXE_EXT=
+ ARFLAGS=
+ AR=ar $(ARFLAGS) r
+@@ -72,7 +73,7 @@
+ PERL= /usr/bin/perl
+ TAR= tar
+ TARFLAGS= --no-recursion
+-MAKEDEPPROG=makedepend
++MAKEDEPPROG= gcc
+
+ # We let the C compiler driver to take care of .s files. This is done in
+ # order to be excused from maintaining a separate set of architecture
+@@ -177,13 +178,13 @@
+ # we might set SHLIB_MARK to '$(SHARED_LIBS)'.
+ SHLIB_MARK=
+
+-DIRS= crypto fips ssl $(SHLIB_MARK) sigs apps test tools
++DIRS= crypto fips ssl $(SHLIB_MARK) sigs apps doc tools
+ SHLIBDIRS= fips crypto ssl
+
+ # dirs in crypto to build
+ SDIRS= objects \
+- md2 md4 md5 sha mdc2 hmac ripemd \
+- des rc2 rc4 rc5 idea bf cast \
++ md2 md4 md5 sha hmac ripemd \
++ des rc2 rc4 bf cast \
+ bn ec rsa dsa dh dso engine aes \
+ buffer bio stack lhash rand err \
+ evp asn1 pem x509 x509v3 conf txt_db pkcs7 pkcs12 comp ocsp ui krb5
+@@ -196,10 +197,10 @@
+
+ MAKEFILE= Makefile
+
+-MANDIR=$(OPENSSLDIR)/man
++MANDIR=/usr/share/man
+ MAN1=1
+ MAN3=3
+-MANSUFFIX=
++MANSUFFIX=ssl
+ SHELL=/bin/sh
+
+ TOP= .
+@@ -211,7 +212,7 @@
+ SHARED_CRYPTO=libcrypto$(SHLIB_EXT)
+ SHARED_SSL=libssl$(SHLIB_EXT)
+ SHARED_LIBS=
+-SHARED_LIBS_LINK_EXTS=
++SHARED_LIBS_LINK_EXTS=.so
+ SHARED_LDFLAGS=
+
+ GENERAL= Makefile
+@@ -818,7 +819,7 @@
+ do \
+ if [ -f "$$i" ]; then \
+ ( echo installing $$i; \
+- cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new; \
++ cp -d $$i $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new; \
+ if egrep 'define OPENSSL_FIPS' $(TOP)/include/openssl/opensslconf.h > /dev/null; then \
+ : ; \
+ else \
+--- openssl-0.9.7e.orig/Makefile.org
++++ openssl-0.9.7e/Makefile.org
+@@ -57,6 +57,7 @@
+ # equal 4.
+ # PKCS1_CHECK - pkcs1 tests.
+
++#TOP=$(shell pwd)
+ CC= gcc
+ #CFLAG= -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall -Wuninitialized -DSHA1_ASM -DMD5_ASM -DRMD160_ASM
+ CFLAG= -DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall -DSHA1_ASM -DMD5_ASM -DRMD160_ASM
+@@ -175,7 +176,7 @@
+ # we might set SHLIB_MARK to '$(SHARED_LIBS)'.
+ SHLIB_MARK=
+
+-DIRS= crypto fips ssl $(SHLIB_MARK) sigs apps test tools
++DIRS= crypto fips ssl $(SHLIB_MARK) sigs apps doc tools
+ SHLIBDIRS= fips crypto ssl
+
+ # dirs in crypto to build
+@@ -194,10 +195,10 @@
+
+ MAKEFILE= Makefile
+
+-MANDIR=$(OPENSSLDIR)/man
++MANDIR=/usr/share/man
+ MAN1=1
+ MAN3=3
+-MANSUFFIX=
++MANSUFFIX=ssl
+ SHELL=/bin/sh
+
+ TOP= .
+@@ -816,7 +817,7 @@
+ do \
+ if [ -f "$$i" ]; then \
+ ( echo installing $$i; \
+- cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new; \
++ cp -d $$i $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new; \
+ if egrep 'define OPENSSL_FIPS' $(TOP)/include/openssl/opensslconf.h > /dev/null; then \
+ : ; \
+ else \
+--- openssl-0.9.7e.orig/os2/backwardify.pl
++++ openssl-0.9.7e/os2/backwardify.pl
+@@ -1,4 +1,4 @@
+-#!/usr/bin/perl -w
++#!/usr/local/bin/perl
+ use strict;
+
+ # Use as $0
+--- openssl-0.9.7e.orig/ssl/ssl_algs.c
++++ openssl-0.9.7e/ssl/ssl_algs.c
+@@ -109,3 +109,8 @@
+ return(1);
+ }
+
++#undef SSLeay_add_ssl_algorithms
++int SSLeay_add_ssl_algorithms(void)
++ {
++ return SSL_library_init();
++ }
+--- openssl-0.9.7e.orig/tools/c_rehash
++++ openssl-0.9.7e/tools/c_rehash
+@@ -6,7 +6,7 @@
+
+ my $openssl;
+
+-my $dir = "/usr/local/ssl";
++my $dir = "/usr/lib/ssl";
+
+ if(defined $ENV{OPENSSL}) {
+ $openssl = $ENV{OPENSSL};
+--- openssl-0.9.7e.orig/tools/c_rehash.in
++++ openssl-0.9.7e/tools/c_rehash.in
+@@ -1,4 +1,4 @@
+-#!/usr/local/bin/perl
++#!/usr/bin/perl
+
+
+ # Perl c_rehash script, scan all files in a directory
+--- openssl-0.9.7e.orig/util/clean-depend.pl
++++ openssl-0.9.7e/util/clean-depend.pl
+@@ -1,4 +1,4 @@
+-#!/usr/local/bin/perl -w
++#!/usr/local/bin/perl
+ # Clean the dependency list in a makefile of standard includes...
+ # Written by Ben Laurie <ben@algroup.co.uk> 19 Jan 1999
+
+--- openssl-0.9.7e.orig/util/extract-names.pl
++++ openssl-0.9.7e/util/extract-names.pl
+@@ -1,4 +1,4 @@
+-#!/usr/bin/perl
++#!/usr/local/bin/perl
+
+ $/ = ""; # Eat a paragraph at once.
+ while(<STDIN>) {
+--- openssl-0.9.7e.orig/util/mkdef.pl
++++ openssl-0.9.7e/util/mkdef.pl
+@@ -1,4 +1,4 @@
+-#!/usr/local/bin/perl -w
++#!/usr/local/bin/perl
+ #
+ # generate a .def file
+ #
+--- openssl-0.9.7e.orig/util/mkerr.pl
++++ openssl-0.9.7e/util/mkerr.pl
+@@ -1,4 +1,4 @@
+-#!/usr/local/bin/perl -w
++#!/usr/local/bin/perl
+
+ my $config = "crypto/err/openssl.ec";
+ my $debug = 0;
+--- openssl-0.9.7e.orig/util/mkstack.pl
++++ openssl-0.9.7e/util/mkstack.pl
+@@ -1,4 +1,4 @@
+-#!/usr/local/bin/perl -w
++#!/usr/local/bin/perl
+
+ # This is a utility that searches out "DECLARE_STACK_OF()"
+ # declarations in .h and .c files, and updates/creates/replaces
+--- openssl-0.9.7e.orig/util/pod2man.pl
++++ openssl-0.9.7e/util/pod2man.pl
+@@ -1,4 +1,4 @@
+-: #!/usr/bin/perl-5.005
++#!/usr/local/bin/perl
+ eval 'exec /usr/bin/perl -S $0 ${1+"$@"}'
+ if $running_under_some_shell;
+
+--- openssl-0.9.7e.orig/util/selftest.pl
++++ openssl-0.9.7e/util/selftest.pl
+@@ -1,4 +1,4 @@
+-#!/usr/local/bin/perl -w
++#!/usr/local/bin/perl
+ #
+ # Run the test suite and generate a report
+ #
+--- openssl-0.9.7e.orig/VMS/VMSify-conf.pl
++++ openssl-0.9.7e/VMS/VMSify-conf.pl
+@@ -1,4 +1,4 @@
+-#! /usr/bin/perl
++#!/usr/local/bin/perl
+
+ use strict;
+ use warnings;
+--- openssl-0.9.7e.orig/debian/README.debian
++++ openssl-0.9.7e/debian/README.debian
+@@ -0,0 +1,52 @@
++openssl for DEBIAN
++----------------------
++
++openssl replaces ssleay.
++
++The application links to openssl like req, ca, verify and s_client
++have been removed.
++
++Instead of `<application>` please call now `openssl <application>`
++
++eg:
++instead of `req` please call `openssl req`
++
++NOTE: The libssl library version for debian-i386 is optimized for
++486-processors and better. It will not run on 386-processors.
++
++----
++Self-signed certs and webservers:
++
++If you get with a selfsigned certificate and a webserver:
++ > "The certificate is not approved for the attempted operation."
++
++Bodo_Moeller@public.uni-hamburg.de (Bodo Moeller) writes:
++>Probably you are using a CA certificate for your server; if you use
++>"openssl req" to generate a new key and self-signed certificate with
++>the default openssl.cnf, the certificate you get includes certain
++>X.509v3 extensions that make it unfit for use as a server certificate.
++>This was not so with earlier versions of the software because back
++>then there was far less X.509v3 support.
++>
++>To look at the certificate some HTTPS server presents to its cliens,
++>use "openssl s_client -port 443 -host your.server", store the output
++>(at least the part from "-----BEGIN CERTIFICATE-----" up to "-----END
++>CERTIFICATE-----", including these separators) in a file and use
++>"openssl x509 -in the_file_you_just_stored -text" to look at it in
++>readable form. If it has in the "X509v3 extensions section" any of
++>the following entries, it is not usable as a server certificate:
++>
++> X509v3 Basic Constraints:
++> CA:TRUE
++>
++> X509v3 Key Usage:
++> Certificate Sign, CRL Sign
++>
++>To quickly create a new server key and certificate that works with
++>Netscape, you can just copy the original openssl.cnf file and comment
++>out the "x509_extensions" entry in the "[ req ]" section.
++>The, use "openssl req ..." as before to create a new certificate and
++>key.
++
++
++Christoph Martin <martin@uni-mainz.de>, Wed, 31 Mar 1999 16:00:51 +0200
+--- openssl-0.9.7e.orig/debian/changelog
++++ openssl-0.9.7e/debian/changelog
+@@ -0,0 +1,605 @@
++openssl (0.9.7e-2) unstable; urgency=high
++
++ * fix perl path in der_chop and c_rehash (closes: #281212)
++ * still fixes security problem CAN-2004-0975 etc.
++ - tempfile raise condition in der_chop
++ - Avoid a race condition when CRLs are checked in a multi threaded
++ environment.
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Sun, 14 Nov 2004 20:16:21 +0100
++
++openssl (0.9.7e-1) unstable; urgency=high
++
++ * SECURITY UPDATE: fix insecure temporary file handling
++ * apps/der_chop:
++ - replaced $$-style creation of temporary files with
++ File::Temp::tempfile()
++ - removed unused temporary file name in do_certificate()
++ * References:
++ CAN-2004-0975 (closes: #278260)
++ * fix ASN1_STRING_to_UTF8 with UTF8 (closes: #260357)
++ * New upstream release with security fixes
++ - Avoid a race condition when CRLs are checked in a multi threaded
++ environment.
++ - Various fixes to s3_pkt.c so alerts are sent properly.
++ - Reduce the chances of duplicate issuer name and serial numbers (in
++ violation of RFC3280) using the OpenSSL certificate creation
++ utilities.
++ * depends openssl on perl-base instead of perl (closes: #280225)
++ * support powerpc64 in Configure (closes: #275224)
++ * include cs translation (closes: #273517)
++ * include nl translation (closes: #272479)
++ * Fix default dir of c_rehash (closes: #253126)
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Fri, 12 Nov 2004 14:11:15 +0100
++
++openssl (0.9.7d-5) unstable; urgency=low
++
++ * Make S/MIME encrypt work again (backport from CVS) (closes: #241407,
++ #241386)
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Mon, 26 Jul 2004 17:22:42 +0200
++
++openssl (0.9.7d-4) unstable; urgency=low
++
++ * add Catalan translation (closes: #248749)
++ * add Spanish translation (closes: #254561)
++ * include NMU fixes: see below
++ * decrease optimisation level for debian-arm to work around gcc bug
++ (closes: #253848) (thanks to Steve Langasek and Thom May)
++ * Add libcrypto0.9.7-udeb. (closes: #250010) (thanks to Bastian Blank)
++ * Add watchfile
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Wed, 14 Jul 2004 14:31:02 +0200
++
++openssl (0.9.7d-3) unstable; urgency=low
++
++ * rename -pic.a libraries to _pic.a (closes: #250016)
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Mon, 24 May 2004 17:02:29 +0200
++
++openssl (0.9.7d-2) unstable; urgency=low
++
++ * include PIC libs (libcrypto-pic.a and libssl-pic.a) to libssl-dev
++ (closes: #246928, #243999)
++ * add racoon to restart list (closes: #242652)
++ * add Brazilian, Japanese and Danish translations (closes: #242087,
++ #241830, #241705)
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Tue, 11 May 2004 10:13:49 +0200
++
++openssl (0.9.7d-1) unstable; urgency=high
++
++ * new upstream
++ * fixes security holes (http://www.openssl.org/news/secadv_20040317.txt)
++ (closes: #238661)
++ * includes support for debian-amd64 (closes: #235551, #232310)
++ * fix typo in pem.pod (closes: #219873)
++ * fix typo in libssl0.9.7.templates (closes: #224690)
++ * openssl suggests ca-certificates (closes: #217180)
++ * change debconf template to gettext format (closes: #219013)
++ * include french debconf template (closes: #219014)
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Thu, 18 Mar 2004 16:18:43 +0100
++
++openssl (0.9.7c-5) unstable; urgency=low
++
++ * include openssl.pc into libssl-dev (closes: #212545)
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Thu, 16 Oct 2003 16:31:32 +0200
++
++openssl (0.9.7c-4) unstable; urgency=low
++
++ * change question to restart services to debconf (closes: #214840)
++ * stop using dh_undocumented (closes: #214831)
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Fri, 10 Oct 2003 15:40:48 +0200
++
++openssl (0.9.7c-3) unstable; urgency=low
++
++ * fix POSIX conformance for head in libssl0.9.7.postinst (closes:
++ #214700)
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Wed, 8 Oct 2003 14:02:38 +0200
++
++openssl (0.9.7c-2) unstable; urgency=low
++
++ * add filerc macro to libssl0.9.7.postinst (closes: #213906)
++ * restart spamassassins spamd on upgrade (closes: #214106)
++ * restart more services on upgrade
++ * fix EVP_BytesToKey manpage (closes: #213715)
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Tue, 7 Oct 2003 15:01:32 +0200
++
++openssl (0.9.7c-1) unstable; urgency=high
++
++ * upstream security fix (closes: #213451)
++ - Fix various bugs revealed by running the NISCC test suite:
++ Stop out of bounds reads in the ASN1 code when presented with
++ invalid tags (CAN-2003-0543 and CAN-2003-0544).
++ Free up ASN1_TYPE correctly if ANY type is invalid (CAN-2003-0545).
++ If verify callback ignores invalid public key errors don't try to check
++ certificate signature with the NULL public key.
++ - In ssl3_accept() (ssl/s3_srvr.c) only accept a client certificate
++ if the server requested one: as stated in TLS 1.0 and SSL 3.0
++ specifications.
++ * more minor upstream bugfixes
++ * fix formatting in c_issuer (closes: #190026)
++ * fix Debian-FreeBSD support (closes: #200381)
++ * restart some services in postinst to make them use the new libraries
++ * remove duplicated openssl.1, crypto.3 and ssl.3 (closes: #198594)
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Wed, 1 Oct 2003 08:54:27 +0200
++
++openssl (0.9.7b-2) unstable; urgency=high
++
++ * fix permission of /etc/ssl/private to 700 again
++ * change section of libssl-dev to libdevel
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Wed, 23 Apr 2003 11:13:24 +0200
++
++openssl (0.9.7b-1) unstable; urgency=high
++
++ * upstream security fix
++ - Countermeasure against the Klima-Pokorny-Rosa extension of
++ Bleichbacher's attack on PKCS #1 v1.5 padding: treat
++ a protocol version number mismatch like a decryption error
++ in ssl3_get_client_key_exchange (ssl/s3_srvr.c). (CAN-2003-0131)
++ (closes: #189087)
++ - Turn on RSA blinding by default in the default implementation
++ to avoid a timing attack. Applications that don't want it can call
++ RSA_blinding_off() or use the new flag RSA_FLAG_NO_BLINDING.
++ They would be ill-advised to do so in most cases. (CAN-2003-0147)
++ - Change RSA blinding code so that it works when the PRNG is not
++ seeded (in this case, the secret RSA exponent is abused as
++ an unpredictable seed -- if it is not unpredictable, there
++ is no point in blinding anyway). Make RSA blinding thread-safe
++ by remembering the creator's thread ID in rsa->blinding and
++ having all other threads use local one-time blinding factors
++ (this requires more computation than sharing rsa->blinding, but
++ avoids excessive locking; and if an RSA object is not shared
++ between threads, blinding will still be very fast).
++ for more details see the CHANGES file
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Wed, 16 Apr 2003 10:32:57 +0200
++
++openssl (0.9.7a-1) unstable; urgency=high
++
++ * upstream Security fix
++ - In ssl3_get_record (ssl/s3_pkt.c), minimize information leaked
++ via timing by performing a MAC computation even if incorrrect
++ block cipher padding has been found. This is a countermeasure
++ against active attacks where the attacker has to distinguish
++ between bad padding and a MAC verification error. (CAN-2003-0078)
++ for more details see the CHANGES file
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Fri, 21 Feb 2003 22:39:40 +0100
++
++openssl (0.9.7-4) unstable; urgency=low
++
++ * use DH_COMPAT=3 to build
++ * move i686 to i686/cmov to fix problems on Via C3. For that to work we
++ have to depend on the newest libc6 on i386 (closes: #177891)
++ * fix bug in ui_util.c (closes: #177615)
++ * fix typo in md5.h (closes: #178112)
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Fri, 24 Jan 2003 10:22:56 +0100
++
++openssl (0.9.7-3) unstable; urgency=low
++
++ * enable build of ultrasparc code on non ultrasparc machines (closes:
++ #177024)
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Fri, 17 Jan 2003 08:22:13 +0100
++
++openssl (0.9.7-2) unstable; urgency=low
++
++ * include changes between 0.9.6g-9 and -10
++ * fix problem in build-process on i386 with libc6 version number
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Mon, 13 Jan 2003 14:26:56 +0100
++
++openssl (0.9.7-1) unstable; urgency=low
++
++ * new upstream
++ * includes engine support
++ * a lot of bugfixes and enhancements, see the CHANGES file
++ * include AES encryption
++ * makes preview of certificate configurable (closes: #176059)
++ * fix x509 manpage (closes: #168070)
++ * fix declaration of ERR_load_PEM_string in pem.h (closes: #141360)
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Sat, 11 Jan 2003 09:12:16 +0100
++
++openssl (0.9.6g-10) unstable; urgency=low
++
++ * fix problem in build-process on i386 with libc6 version number
++ (closes: #167096)
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Mon, 4 Nov 2002 12:27:21 +0100
++
++openssl (0.9.6g-9) unstable; urgency=low
++
++ * fix typo in i386 libc6 depend (sigh) (closes: #163848)
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Tue, 8 Oct 2002 23:29:20 +0200
++
++openssl (0.9.6g-8) unstable; urgency=low
++
++ * fix libc6 depends. Only needed for i386 (closes: #163701)
++ * remove SHLIB section for bsds from Configure (closes: #163585)
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Tue, 8 Oct 2002 10:57:35 +0200
++
++openssl (0.9.6g-7) unstable; urgency=low
++
++ * enable i686 optimisation and depend on fixed glibc (closes: #163500)
++ * remove transition package ssleay
++ * include optimisation vor sparcv8 (closes: #139996)
++ * improve optimisation vor sparcv9
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Sun, 6 Oct 2002 14:07:12 +0200
++
++openssl (0.9.6g-6) unstable; urgency=low
++
++ * temporarily disable i686 optimisation (See bug in glibc #161788)
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Sat, 21 Sep 2002 18:56:49 +0200
++
++openssl (0.9.6g-5) unstable; urgency=low
++
++ * i486 can use i586 assembler
++ * include set -xe in the for loops in the rules files to make it abort
++ on error (closes: #161768)
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Sat, 21 Sep 2002 16:23:11 +0200
++
++openssl (0.9.6g-4) unstable; urgency=low
++
++ * fix optimization for alpha and sparc
++ * add optimization for i486
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Fri, 20 Sep 2002 22:36:19 +0200
++
++openssl (0.9.6g-3) unstable; urgency=low
++
++ * add optimized libraries for i586, i686, ev4, ev5 and v9 (closes: #139783)
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Thu, 19 Sep 2002 18:33:04 +0200
++
++openssl (0.9.6g-2) unstable; urgency=low
++
++ * fix manpage names (closes: #156717, #156718, #156719, #156721)
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Thu, 15 Aug 2002 11:26:37 +0200
++
++openssl (0.9.6g-1) unstable; urgency=low
++
++ * new upstream version
++ * Use proper error handling instead of 'assertions' in buffer
++ overflow checks added in 0.9.6e. This prevents DoS (the
++ assertions could call abort()). (closes: #155985, #156495)
++ * Fix ASN1 checks. Check for overflow by comparing with LONG_MAX
++ and get fix the header length calculation.
++ * include support for new sh* architectures (closes: #155117)
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Wed, 14 Aug 2002 13:59:22 +0200
++
++openssl (0.9.6e-1) unstable; urgency=high
++
++ * fixes remote exploits (see DSA-136-1)
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Tue, 30 Jul 2002 18:32:28 +0200
++
++openssl (0.9.6d-1) unstable; urgency=low
++
++ * new upstream (minor) version
++ * includes Configure lines for debian-*bsd-* (closes: #130413)
++ * fix wrong prototype for BN_pseudo_rand_range in BN_rand(3ssl) (closes:
++ #144586)
++ * fix typos in package description (closes: #141469)
++ * fix typo in SSL_CTX_set_cert_store manpage (closes: #135297)
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Mon, 3 Jun 2002 19:42:10 +0200
++
++openssl (0.9.6c-2) unstable; urgency=low
++
++ * moved from non-US to main
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Tue, 19 Mar 2002 14:48:39 +0100
++
++openssl (0.9.6c-1) unstable; urgency=low
++
++ * new upstream version with a lot of bugfixes
++ * remove directory /usr/include/openssl from openssl package (closes:
++ bug #121226)
++ * remove selfdepends from libssl0.9.6
++ * link openssl binary shared again
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Sat, 5 Jan 2002 19:04:31 +0100
++
++openssl (0.9.6b-4) unstable; urgency=low
++
++ * build with -D_REENTRANT for threads support on all architectures
++ (closes: #112329, #119239)
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Sat, 24 Nov 2001 12:17:51 +0100
++
++openssl (0.9.6b-3) unstable; urgency=low
++
++ * disable idea, mdc2 and rc5 because they are not free (closes: #65368)
++ * ready to be moved from nonus to main
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Wed, 21 Nov 2001 17:51:41 +0100
++
++openssl (0.9.6b-2) unstable; urgency=high
++
++ * fix definition of crypt in des.h (closes: #107533)
++ * fix descriptions (closes: #109503)
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Mon, 17 Sep 2001 15:38:27 +0200
++
++openssl (0.9.6b-1) unstable; urgency=medium
++
++ * new upstream fixes some security issues (closes: #105835, #100146)
++ * added support for s390 (closes: #105681)
++ * added support for sh (closes: #100003)
++ * change priority of libssl096 to standard as ssh depends on it (closes:
++ #105440)
++ * don't optimize for i486 to support i386. (closes: #104127, #82194)
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Fri, 20 Jul 2001 15:52:42 +0200
++
++openssl (0.9.6a-3) unstable; urgency=medium
++
++ * add perl-base to builddeps
++ * include static libraries in libssl-dev (closes: #93688)
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Mon, 14 May 2001 20:16:06 +0200
++
++openssl (0.9.6a-2) unstable; urgency=medium
++
++ * change Architecture of ssleay from any to all (closes: #92913)
++ * depend libssl-dev on the exact same version of libssl0.9.6 (closes:
++ #88939)
++ * remove lib{crypto,ssl}.a from openssl (closes: #93666)
++ * rebuild with newer gcc to fix atexit problem (closes: #94036)
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Wed, 2 May 2001 12:28:39 +0200
++
++openssl (0.9.6a-1) unstable; urgency=medium
++
++ * new upstream, fixes some security bugs (closes: #90584)
++ * fix typo in s_server manpage (closes: #89756)
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Tue, 10 Apr 2001 12:13:11 +0200
++
++openssl (0.9.6-2) unstable; urgency=low
++
++ * policy: reorganisation of package names: libssl096 -> libssl0.9.6,
++ libssl096-dev -> libssl-dev (closes: #83426)
++ * libssl0.9.6 drops replaces libssl09 (Closes: #83425)
++ * install upstream CHANGES files (Closes: #83430)
++ * added support for hppa and ia64 (Closes: #88790)
++ * move man3 manpages to libssl-dev (Closes: #87546)
++ * fix formating problem in rand_add(1) (Closes: #87547)
++ * remove manpage duplicates (Closes: #87545, #74986)
++ * make package descriptions clearer (Closes: #83518, #83444)
++ * increase default emailAddress_max from 40 to 60 (Closes: #67238)
++ * removed RSAREF warning (Closes: #84122)
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Thu, 8 Mar 2001 14:24:00 +0100
++
++openssl (0.9.6-1) unstable; urgency=low
++
++ * New upstream version (Thanks to Enrique Zanardi <ezanard@debian.org>)
++ (closes: #72388)
++ * Add support for debian-hurd (closes: #76032)
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Mon, 13 Nov 2000 22:30:46 +0100
++
++openssl (0.9.5a-5) unstable; urgency=low
++
++ * move manpages in standard directories with section ssl (closes:
++ #72152, #69809)
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Thu, 5 Oct 2000 19:56:20 +0200
++
++openssl (0.9.5a-4) unstable; urgency=low
++
++ * include edg_rand_bytes patch from and for apache-ssl
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Sat, 23 Sep 2000 16:48:06 +0200
++
++openssl (0.9.5a-3) unstable; urgency=low
++
++ * fix call to dh_makeshlibs to create correct shlibs file and make
++ dependend programs link correctly (closes: Bug#61658)
++ * include a note in README.debian concerning the location of the
++ subcommand manpages (closes: Bug#69809)
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Sat, 16 Sep 2000 19:10:50 +0200
++
++openssl (0.9.5a-2) unstable; urgency=low
++
++ * try to fix the sharedlib problem. change soname of library
++ (closes: Bug#4622, #66102, #66538, #66123)
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Wed, 12 Jul 2000 03:26:30 +0200
++
++openssl (0.9.5a-1) unstable; urgency=low
++
++ * new upstream version (major changes see file NEWS) (closes: Bug#63976,
++ #65239, #65358)
++ * new library package libssl095a because of probably changed library
++ interface (closes: Bug#46222)
++ * added architecture mips and mipsel (closes: Bug#62437, #60366)
++ * provide shlibs.local file in build to help build if libraries are not
++ yet installed (closes: Bug#63984)
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Sun, 11 Jun 2000 15:17:35 +0200
++
++openssl (0.9.4-5) frozen unstable; urgency=medium
++
++ * cleanup of move of doc directories to /usr/share/doc (closes:
++ Bug#56430)
++ * lintian issues (closes: Bug#49358)
++ * move demos from openssl to libssl09-dev (closes: Bug#59201)
++ * move to debhelpers
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Sat, 11 Mar 2000 10:38:04 +0100
++
++openssl (0.9.4-4) unstable; urgency=medium
++
++ * Added 'debian-arm' in 'Configure'. (closes: Bug#54251, #54766)
++ * Fixed Configure for 'debian-m68k' (closes: Bug#53636)
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Sat, 15 Jan 2000 13:16:18 +0100
++
++openssl (0.9.4-3) unstable; urgency=low
++
++ * define symbol SSLeay_add_ssl_algorithms for backward compatibility
++ (closes: Bug#46882)
++ * remove manpages from /usr/doc/openssl (closes: Bug#46791)
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Thu, 14 Oct 1999 16:51:08 +0200
++
++openssl (0.9.4-2) unstable; urgency=low
++
++ * include some more docu in pod format (Bug #43933)
++ * removed -mv8 from sparc flags (Bug #44769)
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Tue, 14 Sep 1999 22:04:06 +0200
++
++openssl (0.9.4-1) unstable; urgency=low
++
++ * new upstream version (Closes: #42926)
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Sat, 28 Aug 1999 17:04:23 +0200
++
++openssl (0.9.3a-1) unstable; urgency=low
++
++ * new upstream version (Bug #38345, #38627)
++ * sparc is big-endian (Bug #39973)
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Wed, 7 Jul 1999 16:03:37 +0200
++
++openssl (0.9.2b-3) unstable; urgency=low
++
++ * correct move conffiles to /etc/ssl (Bug #38570)
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Mon, 31 May 1999 21:08:07 +0200
++
++openssl (0.9.2b-2) unstable; urgency=low
++
++ * added convenience package ssleay to help upgrade to openssl (Bug
++ #37185, #37623, #36326)
++ * added some missing dependencies from libssl09 (Bug #36681, #35867,
++ #36326)
++ * move lib*.so to libssl09-dev (Bug #36761)
++ * corrected version numbers of library files
++ * introduce link from /usr/lib/ssl to /etc/ssl (Bug #36710)
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Sun, 23 May 1999 14:57:48 +0200
++
++openssl (0.9.2b-1) unstable; urgency=medium
++
++ * First openssl version
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Wed, 31 Mar 1999 15:54:26 +0200
++
++ssleay (0.9.0b-2) unstable; urgency=low
++
++ * Include message about the (not)usage of RSAREF (#24409)
++ * Move configfiles from /usr/lib/ssl to /etc/ssl (#26406)
++ * Change definitions for sparc (#26487)
++ * Added missing dependency (#28591)
++ * Make debian/libtool executable (#29708)
++ * /etc/ssl/lib/ssleay.cnf is now a confile (#32624)
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Sun, 21 Mar 1999 19:41:04 +0100
++
++ssleay (0.9.0b-1) unstable; urgency=low
++
++ * new upstream version (Bug #21227, #25971)
++ * build shared libraries with -fPIC (Bug #20027)
++ * support sparc architecture (Bug #28467)
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Tue, 13 Oct 1998 10:20:13 +0200
++
++ssleay (0.8.1-7) frozen unstable; urgency=high
++
++ * security fix patch to 0.8.1b (bug #24022)
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Mon, 6 Jul 1998 15:42:15 +0200
++
++ssleay (0.8.1-6) frozen unstable; urgency=low
++
++ * second try to fix bug #15235 (copyright was still missing)
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Mon, 22 Jun 1998 08:56:27 +0200
++
++ssleay (0.8.1-5) frozen unstable; urgency=high
++
++ * changed /dev/random to /dev/urandom (Bug #23169, #17817)
++ * copyright contains now the full licence (Bug #15235)
++ * fixed bug #19410 (md5sums-lists-nonexisting-file)
++ * added demos to /usr/doc (Bug #17372)
++ * fixed type in package description (Bug #18969)
++ * fixed bug in adding documentation (Bug #21463)
++ * added patch for support of debian-powerpc (Bug #21579)
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Thu, 18 Jun 1998 23:09:13 +0200
++
++ssleay (0.8.1-4) unstable; urgency=low
++
++ * purged dependency from libc5
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Tue, 11 Nov 1997 15:31:50 +0100
++
++ssleay (0.8.1-3) unstable; urgency=low
++
++ * changed packagename libssl to libssl08 to get better dependancies
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Fri, 7 Nov 1997 14:23:17 +0100
++
++ssleay (0.8.1-2) unstable; urgency=low
++
++ * linked shared libraries against libc6
++ * use /dev/random for randomseed
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Wed, 5 Nov 1997 11:21:40 +0100
++
++ssleay (0.8.1-1) unstable; urgency=low
++
++ * new upstream version
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Thu, 16 Oct 1997 16:15:43 +0200
++
++ssleay (0.6.6-2) unstable; urgency=low
++
++ * cleanup in diffs
++ * removed INSTALL from docs (bug #13205)
++ * split libssl and libssl-dev (but #13735)
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Wed, 15 Oct 1997 17:38:38 +0200
++
++ssleay (0.6.6-1) unstable; urgency=low
++
++ * New upstream version
++ * added shared libraries for libcrypto and libssl
++
++ -- Christoph Martin <martin@uni-mainz.de> Thu, 26 Jun 1997 19:26:14 +0200
++
++ssleay (0.6.4-2) unstable; urgency=low
++
++ * changed doc filenames from .doc to .txt to be able to read them
++ over with webbrowser
++
++ -- Christoph Martin <martin@uni-mainz.de> Tue, 25 Feb 1997 14:02:53 +0100
++
++ssleay (0.6.4-1) unstable; urgency=low
++
++ * Initial Release.
++
++ -- Christoph Martin <martin@uni-mainz.de> Fri, 22 Nov 1996 21:29:51 +0100
+--- openssl-0.9.7e.orig/debian/control
++++ openssl-0.9.7e/debian/control
+@@ -0,0 +1,60 @@
++Source: openssl
++Build-Depends: debhelper (>= 4.2.0)
++Section: utils
++Priority: optional
++Maintainer: Christoph Martin <christoph.martin@uni-mainz.de>
++Standards-Version: 3.6.1
++
++Package: openssl
++Priority: optional
++Architecture: any
++Depends: ${shlibs:Depends}, ${perl:Depends}
++Conflicts: ssleay (<< 0.9.2b)
++Suggests: ca-certificates
++Description: Secure Socket Layer (SSL) binary and related cryptographic tools
++ This package contains the openssl binary and related tools.
++ .
++ It is part of the OpenSSL implementation of SSL.
++ .
++ You need it to perform certain cryptographic actions like:
++ o Creation of RSA, DH and DSA Key Parameters
++ o Creation of X.509 Certificates, CSRs and CRLs
++ o Calculation of Message Digests
++ o Encryption and Decryption with Ciphers
++ o SSL/TLS Client and Server Tests
++ o Handling of S/MIME signed or encrypted Mail
++
++Package: libssl0.9.7
++Section: libs
++Priority: standard
++Architecture: any
++Depends: ${shlibs:Depends}, ${misc:Depends}
++Conflicts: ssleay (<< 0.9.2b), libssl, openssl (<< 0.9.6-2), libssl096-dev (<< 0.9.6-2)
++Description: SSL shared libraries
++ libssl and libcrypto shared libraries needed by programs like
++ apache-ssl, telnet-ssl and openssh.
++ .
++ It is part of the OpenSSL implementation of SSL.
++
++Package: libcrypto0.9.7-udeb
++XC-Package-Type: udeb
++Section: debian-installer
++Priority: optional
++Architecture: any
++Depends: ${shlibs:Depends}, ${misc:Depends}
++Provides: libssl0.9.7
++Description: crypto shared library - udeb
++ libcrypto shared library.
++ .
++ Do not install it on a normal system.
++
++Package: libssl-dev
++Section: libdevel
++Priority: optional
++Architecture: any
++Depends: libssl0.9.7 (= ${Source-Version})
++Conflicts: ssleay (<< 0.9.2b), libssl08-dev, libssl09-dev, libssl095a-dev, libssl096-dev
++Description: SSL development libraries, header files and documentation
++ libssl and libcrypt development libraries, header files and manpages
++ .
++ It is part of the OpenSSL implementation of SSL.
+--- openssl-0.9.7e.orig/debian/rules
++++ openssl-0.9.7e/debian/rules
+@@ -0,0 +1,186 @@
++#!/usr/bin/make -f
++# Sample debian.rules file - for GNU Hello (1.3).
++# Copyright 1994,1995 by Ian Jackson.
++# I hereby give you perpetual unlimited permission to copy,
++# modify and relicense this file, provided that you do not remove
++# my name from the file itself. (I assert my moral right of
++# paternity under the Copyright, Designs and Patents Act 1988.)
++# This file may have to be extensively modified
++#
++# Modified to be a prototype for debmake by Christoph Lameter <clameter@debian.org>
++SHELL=/bin/bash
++export DH_COMPAT=3
++
++package=openssl
++
++# For generating the manpages
++export VERSION=$(shell dpkg-parsechangelog | grep '^Version:' | sed -e 's/^.*://' -e 's/-.*//')
++
++# The binary architeture
++DEB_HOST_ARCH = $(shell dpkg-architecture -qDEB_HOST_ARCH)
++
++CONFARGS = --prefix=/usr --openssldir=/usr/lib/ssl no-idea no-mdc2 no-rc5
++OPT_alpha = ev4 ev5
++OPT_i386 = i486 i586 i686/cmov
++OPT_sparc = v8 v9
++ARCHOPTS = OPT_$(DEB_HOST_ARCH)
++OPTS = $($(ARCHOPTS))
++WANTED_LIBC_VERSION = 2.3.1-10
++
++build:
++ dh_testdir
++ perl util/perlpath.pl /usr/bin
++# perl util/ssldir.pl /usr/lib/ssl
++# chmod +x debian/libtool
++ ./Configure no-shared $(CONFARGS) debian-$(DEB_HOST_ARCH)
++ make -f Makefile DIRS="crypto ssl" all
++ mv libcrypto.a libcrypto.static
++ mv libssl.a libssl.static
++ make -f Makefile DIRS="crypto ssl" clean
++ test -z "$(OPTS)" || for opt in $(OPTS); \
++ do \
++ set -xe; \
++ ./Configure shared $(CONFARGS) debian-$(DEB_HOST_ARCH)-$$opt; \
++ make -f Makefile DIRS="crypto ssl" all; \
++ mkdir -p $$opt; \
++ mv libcrypto.so* libssl.so* $$opt/; \
++ make -f Makefile DIRS="crypto ssl" clean; \
++ done
++ ./Configure shared $(CONFARGS) debian-$(DEB_HOST_ARCH)
++ #make -f Makefile depend
++ ln -sf apps/openssl.pod crypto/crypto.pod ssl/ssl.pod doc/
++# make -f Makefile linux-shared
++ make -f Makefile all
++# strip apps/openssl
++# make -f Makefile clean DIRS="crypto ssl"
++# ./Configure --prefix=/usr --openssldir=/usr/lib/ssl no-idea no-mdc2 no-rc5 debian-$(DEB_HOST_ARCH)
++# make -f Makefile all DIRS="crypto ssl"
++ touch build
++
++clean:
++ dh_testdir
++ dh_testroot
++ -rm -f build
++ perl util/perlpath.pl /usr/bin
++ ./Configure $(CONFARGS) debian-$(DEB_HOST_ARCH)
++ -make -f Makefile clean clean-shared
++ #-make -f Makefile dclean
++ perl util/perlpath.pl /usr/local/bin
++# perl util/ssldir.pl /usr/local/ssl
++ -rm -f test/.rnd test/testkey.pem test/testreq.pem test/certCA.srl
++ -rm -f util/mk1mf.bak Makefile.bak `find . -name Makefile.save`
++ -rm -f crypto/pem/ctx_size
++ -rm -f `find . -name "*~"`
++ -rm -f `find . -name "*.orig" -o -name "*.rej"`
++ -rm -f certs/*.0 certs/*.1
++# -rm -rf debian/tmp debian/files* core `find debian/* -type d`
++ -rm -rf core $(OPTS)
++ -rm doc/*.pod
++ -rm -f libcrypto.* libssl.*
++ dh_clean
++
++binary-indep: build
++ dh_testdir
++ dh_testroot
++# There are no architecture-independent files to be uploaded
++# generated by this package. If there were any they would be
++# made here.
++
++binary-arch: build
++ dh_testdir
++ dh_testroot
++ dh_clean
++# -rm -rf debian/tmp `find debian/* -type d`
++ install -d debian/tmp debian/libssl0.9.7 debian/libssl-dev debian/ssleay/usr/share/doc
++# cd debian/tmp && install -d `cat ../dirs`
++# cd debian/libssl09 && install -d `cat ../libssl09.dirs`
++# cd debian/libssl09-dev && install -d `cat ../libssl09-dev.dirs`
++ dh_installdirs
++#openssl install
++ make -f Makefile install INSTALL_PREFIX=`pwd`/debian/tmp
++ rm debian/tmp/usr/share/man/man1/openssl.1
++ rm debian/tmp/usr/share/man/man3/crypto.3
++ rm debian/tmp/usr/share/man/man3/ssl.3
++# rm debian/tmp/usr/lib/libcrypto.a
++# rm debian/tmp/usr/lib/libssl.a
++ mv debian/tmp/usr/lib/libcrypto.a debian/tmp/usr/lib/libcrypto_pic.a
++ mv debian/tmp/usr/lib/libssl.a debian/tmp/usr/lib/libssl_pic.a
++ cp -pf libcrypto.static debian/tmp/usr/lib/libcrypto.a
++ cp -pf libssl.static debian/tmp/usr/lib/libssl.a
++# mv debian/tmp/usr/lib/ssl/bin debian/tmp/usr/bin/ssl
++# (cd debian/tmp/usr/lib/ssl; ln -s /usr/bin/ssl bin)
++# mv debian/tmp/usr/lib/ssl/include debian/tmp/usr/include/ssl
++# (cd debian/tmp/usr/lib/ssl; ln -s /usr/include/ssl include)
++# chmod -x debian/tmp/usr/lib/*.so.*
++# mv debian/tmp/usr/lib/*.a debian/libssl09-dev/usr/lib/
++# mv debian/tmp/usr/lib/*.so debian/libssl09-dev/usr/lib/
++# mv debian/tmp/usr/lib/*.so.*.*.* debian/libssl09/usr/lib/
++# mv debian/tmp/usr/lib/*.la debian/libssl09-dev/usr/lib/
++# mv debian/tmp/usr/include debian/libssl09-dev/usr/
++ mkdir -p debian/tmp/etc/ssl
++ mv debian/tmp/usr/lib/ssl/{certs,openssl.cnf,private} debian/tmp/etc/ssl/
++ ln -s /etc/ssl/{certs,openssl.cnf,private} debian/tmp/usr/lib/ssl/
++ cp -pf debian/tmp/usr/lib/libcrypto.so.* debian/libcrypto0.9.7-udeb/usr/lib/
++#ssleay install
++ #ln -s openssl debian/ssleay/usr/share/doc/ssleay
++#libssl install
++# install -m 644 libcrypto.so.08.1 libssl.so.08.1 debian/libssl08/usr/lib/
++# ln -s libssl.so.08 debian/libssl08-dev/usr/lib/libssl.so
++# ln -s libcrypto.so.08 debian/libssl08-dev/usr/lib/libcrypto.so
++# debian/libtool install -m 644 crypto/libcrypto.la
++# debian/libtool install -m 644 ssl/libssl.la
++ cp -auv lib*.so* debian/tmp/usr/lib/
++# cp -auv lib*.a debian/tmp/usr/lib/
++ for opt in $(OPTS); do set -xe; mkdir -p debian/tmp/usr/lib/$$opt; cp -auv $$opt/lib*.so* debian/tmp/usr/lib/$$opt/; done
++ install debian/copyright debian/libssl0.9.7/usr/share/doc/libssl0.9.7/
++ install debian/changelog debian/libssl0.9.7/usr/share/doc/libssl0.9.7/changelog.Debian
++ install debian/copyright debian/libssl-dev/usr/share/doc/libssl-dev/
++ install debian/changelog debian/libssl-dev/usr/share/doc/libssl-dev/changelog.Debian
++# (cd debian/tmp/usr/doc/openssl/doc; for f in *.doc*; do mv "$$f" "$$(echo $$f | sed -e 's/doc/txt/')";done)
++# (cd doc; for f in *; do install "$$f" ../debian/tmp/usr/share/doc/openssl/doc/"$$(echo $$f | sed -e 's/doc/txt/')";done)
++# debstd -u CHANGES* LICENSE README NEWS
++ dh_installdocs -Nssleay CHANGES.SSLeay LICENSE README NEWS debian/README.optimization
++ dh_installexamples
++ dh_installchangelogs -Nssleay CHANGES
++# dh_installmenu
++# dh_installcron
++ dh_installmanpages -popenssl
++ dh_installdebconf
++# dh_undocumented c_rehash.1
++ dh_movefiles
++# rmdir debian/tmp/usr/lib/ssl/lib
++# rmdir debian/tmp/usr/include/openssl
++# rmdir debian/tmp/usr/include
++# for opt in $(OPTS); do set -xe; rm -fr debian/tmp/usr/lib/$$opt; done
++ dh_strip
++ dh_compress
++ chmod 700 debian/openssl/etc/ssl/private
++ dh_fixperms -X etc/ssl/private
++ dh_perl -d
++# dh_suidregister
++ dh_shlibdeps -l`pwd` -Xlibssl.so
++ # Hack, to depend on version of libc6 which supports the i686 directory
++ if [ "${DEB_HOST_ARCH}" == "i386" ]; \
++ then \
++ SHLIB=`cat debian/libssl0.9.7.substvars`; \
++ LIBC_VERSION=`echo $$SHLIB | sed s'/.*libc6 (>= \(.*\))/\1/'`; \
++ if dpkg --compare-versions ${WANTED_LIBC_VERSION} gt $$LIBC_VERSION; \
++ then \
++ echo $$SHLIB | sed s'/libc6 (>= \(.*\))/libc6 (>= ${WANTED_LIBC_VERSION})/' > debian/libssl0.9.7.substvars; \
++ fi \
++ fi
++ dh_gencontrol
++ dh_makeshlibs -m 0.9.7
++ dh_installdeb
++ dh_md5sums
++ dh_builddeb
++ echo -en "\a"
++
++# Below here is fairly generic really
++
++binary: binary-indep binary-arch
++
++source diff:
++ @echo >&2 'source and diff are obsolete - use dpkg-source -b'; false
++
++.PHONY: binary binary-arch binary-indep clean
+--- openssl-0.9.7e.orig/debian/copyright
++++ openssl-0.9.7e/debian/copyright
+@@ -0,0 +1,130 @@
++This package was debianized by Christoph Martin martin@uni-mainz.de on
++Fri, 22 Nov 1996 21:29:51 +0100.
++
++
++ LICENSE ISSUES
++ ==============
++
++ The OpenSSL toolkit stays under a dual license, i.e. both the conditions of
++ the OpenSSL License and the original SSLeay license apply to the toolkit.
++ See below for the actual license texts. Actually both licenses are BSD-style
++ Open Source licenses. In case of any license issues related to OpenSSL
++ please contact openssl-core@openssl.org.
++
++ OpenSSL License
++ ---------------
++
++/* ====================================================================
++ * Copyright (c) 1998-1999 The OpenSSL Project. All rights reserved.
++ *
++ * Redistribution and use in source and binary forms, with or without
++ * modification, are permitted provided that the following conditions
++ * are met:
++ *
++ * 1. Redistributions of source code must retain the above copyright
++ * notice, this list of conditions and the following disclaimer.
++ *
++ * 2. Redistributions in binary form must reproduce the above copyright
++ * notice, this list of conditions and the following disclaimer in
++ * the documentation and/or other materials provided with the
++ * distribution.
++ *
++ * 3. All advertising materials mentioning features or use of this
++ * software must display the following acknowledgment:
++ * "This product includes software developed by the OpenSSL Project
++ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
++ *
++ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
++ * endorse or promote products derived from this software without
++ * prior written permission. For written permission, please contact
++ * openssl-core@openssl.org.
++ *
++ * 5. Products derived from this software may not be called "OpenSSL"
++ * nor may "OpenSSL" appear in their names without prior written
++ * permission of the OpenSSL Project.
++ *
++ * 6. Redistributions of any form whatsoever must retain the following
++ * acknowledgment:
++ * "This product includes software developed by the OpenSSL Project
++ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
++ *
++ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
++ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
++ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
++ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
++ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
++ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
++ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
++ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
++ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
++ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
++ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
++ * OF THE POSSIBILITY OF SUCH DAMAGE.
++ * ====================================================================
++ *
++ * This product includes cryptographic software written by Eric Young
++ * (eay@cryptsoft.com). This product includes software written by Tim
++ * Hudson (tjh@cryptsoft.com).
++ *
++ */
++
++ Original SSLeay License
++ -----------------------
++
++/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
++ * All rights reserved.
++ *
++ * This package is an SSL implementation written
++ * by Eric Young (eay@cryptsoft.com).
++ * The implementation was written so as to conform with Netscapes SSL.
++ *
++ * This library is free for commercial and non-commercial use as long as
++ * the following conditions are aheared to. The following conditions
++ * apply to all code found in this distribution, be it the RC4, RSA,
++ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
++ * included with this distribution is covered by the same copyright terms
++ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
++ *
++ * Copyright remains Eric Young's, and as such any Copyright notices in
++ * the code are not to be removed.
++ * If this package is used in a product, Eric Young should be given attribution
++ * as the author of the parts of the library used.
++ * This can be in the form of a textual message at program startup or
++ * in documentation (online or textual) provided with the package.
++ *
++ * Redistribution and use in source and binary forms, with or without
++ * modification, are permitted provided that the following conditions
++ * are met:
++ * 1. Redistributions of source code must retain the copyright
++ * notice, this list of conditions and the following disclaimer.
++ * 2. Redistributions in binary form must reproduce the above copyright
++ * notice, this list of conditions and the following disclaimer in the
++ * documentation and/or other materials provided with the distribution.
++ * 3. All advertising materials mentioning features or use of this software
++ * must display the following acknowledgement:
++ * "This product includes cryptographic software written by
++ * Eric Young (eay@cryptsoft.com)"
++ * The word 'cryptographic' can be left out if the rouines from the library
++ * being used are not cryptographic related :-).
++ * 4. If you include any Windows specific code (or a derivative thereof) from
++ * the apps directory (application code) you must include an acknowledgement:
++ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
++ *
++ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
++ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
++ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
++ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
++ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
++ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
++ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
++ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
++ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
++ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
++ * SUCH DAMAGE.
++ *
++ * The licence and distribution terms for any publically available version or
++ * derivative of this code cannot be changed. i.e. this code cannot simply be
++ * copied and put under another distribution licence
++ * [including the GNU Public Licence.]
++ */
++
+--- openssl-0.9.7e.orig/debian/libssl-dev.docs
++++ openssl-0.9.7e/debian/libssl-dev.docs
+@@ -0,0 +1 @@
++demos
+--- openssl-0.9.7e.orig/debian/libssl0.9.7.prerm
++++ openssl-0.9.7e/debian/libssl0.9.7.prerm
+@@ -0,0 +1,3 @@
++#!/bin/sh -e
++
++#DEBHELPER#
+--- openssl-0.9.7e.orig/debian/libssl0.9.7.files
++++ openssl-0.9.7e/debian/libssl0.9.7.files
+@@ -0,0 +1,3 @@
++usr/lib/*.so.*.*.*
++usr/lib/*/*.so.*.*.*
++usr/lib/i686/cmov/*.so.*.*.*
+--- openssl-0.9.7e.orig/debian/openssl.prerm
++++ openssl-0.9.7e/debian/openssl.prerm
+@@ -0,0 +1,3 @@
++#!/bin/sh -e
++
++#DEBHELPER#
+--- openssl-0.9.7e.orig/debian/ssleay.postinst
++++ openssl-0.9.7e/debian/ssleay.postinst
+@@ -0,0 +1,9 @@
++#!/bin/sh -e
++
++ if [ "$1" = "configure" ]; then
++ if [ -d /usr/doc -a ! -e /usr/doc/ssleay -a -d /usr/share/doc/ssleay ]; then
++ ln -sf ../share/doc/ssleay /usr/doc/ssleay
++ fi
++ fi
++
++#DEBHELPER#
+--- openssl-0.9.7e.orig/debian/ssleay.prerm
++++ openssl-0.9.7e/debian/ssleay.prerm
+@@ -0,0 +1,7 @@
++#!/bin/sh -e
++
++ if [ \( "$1" = "upgrade" -o "$1" = "remove" \) -a -L /usr/doc/ssleay ]; then
++ rm -f /usr/doc/ssleay
++ fi
++
++#DEBHELPER#
+--- openssl-0.9.7e.orig/debian/libssl-dev.postinst
++++ openssl-0.9.7e/debian/libssl-dev.postinst
+@@ -0,0 +1,3 @@
++#!/bin/sh -e
++
++#DEBHELPER#
+--- openssl-0.9.7e.orig/debian/libssl-dev.files
++++ openssl-0.9.7e/debian/libssl-dev.files
+@@ -0,0 +1,9 @@
++usr/lib/libssl.so
++usr/lib/libcrypto.so
++usr/lib/libssl.a
++usr/lib/libcrypto.a
++usr/lib/libssl_pic.a
++usr/lib/libcrypto_pic.a
++usr/lib/pkgconfig/openssl.pc
++usr/include
++usr/share/man/man3
+--- openssl-0.9.7e.orig/debian/libssl-dev.dirs
++++ openssl-0.9.7e/debian/libssl-dev.dirs
+@@ -0,0 +1,3 @@
++usr/lib
++usr/share/doc/libssl-dev
++usr/share/man
+--- openssl-0.9.7e.orig/debian/libssl-dev.prerm
++++ openssl-0.9.7e/debian/libssl-dev.prerm
+@@ -0,0 +1,3 @@
++#!/bin/sh -e
++
++#DEBHELPER#
+--- openssl-0.9.7e.orig/debian/shlibs.local
++++ openssl-0.9.7e/debian/shlibs.local
+@@ -0,0 +1,2 @@
++libcrypto 0.9.7 libssl0.9.7
++libssl 0.9.7 libssl0.9.7
+--- openssl-0.9.7e.orig/debian/README.optimization
++++ openssl-0.9.7e/debian/README.optimization
+@@ -0,0 +1,32 @@
++openssl ships optimized libraries for some cpus. The loading of these
++libraries depends on the ability of the dynamic linker to automaticly
++search additional directories depending on the cpu. If you want to
++find out which are these directories for your computer, run the
++following command:
++
++LD_LIBRARY_PATH=/usr/lib strace true 2>&1 | fgrep "open(\"/usr/lib"
++
++On a Pentium III this gives:
++
++open("/usr/lib/i686/mmx/libc.so.6", O_RDONLY) = -1 ENOENT (No such file or directory)
++open("/usr/lib/i686/libc.so.6", O_RDONLY) = -1 ENOENT (No such file or directory)
++open("/usr/lib/mmx/libc.so.6", O_RDONLY) = -1 ENOENT (No such file or directory)
++open("/usr/lib/libc.so.6", O_RDONLY) = -1 ENOENT (No such file or directory)
++
++Following is a list of cpus, library paths and possible optimizations:
++
++486 /usr/lib/i486 -march=i486 -mcpu=i486 +asm
++Pentium /usr/lib/i586 -march=i586 -mcpu=i586 +asm
++Pentium MMX /usr/lib/i586 -march=i586 -mcpu=i586 +asm
++Pentium II /usr/lib/i686 -march=i686 -mcpu=i686 +asm
++Pentium III /usr/lib/i686 -march=i686 -mcpu=i686 +asm
++AMD-K6 /usr/lib/i586 -march=i586 -mcpu=i586 +asm
++AMD-K7 /usr/lib/i686 -march=i686 -mcpu=i686 +asm
++
++Sparc v8 /usr/lib/v8 -mcpu=v8 +asm
++Sparc v9 /usr/lib/v9 -mcpu=v9 -Wa,-Av8plus +asm
++
++Alpha EV4 /usr/lib/ev4 -mcpu=ev4
++Alpha EV5 /usr/lib/ev5 -mcpu=ev5
++
+++asm means that the handcrafted 586 assembler routines can be used.
+--- openssl-0.9.7e.orig/debian/openssl.preinst
++++ openssl-0.9.7e/debian/openssl.preinst
+@@ -0,0 +1,36 @@
++#!/bin/sh -e
++
++if [ -L /etc/ssl ]
++then
++ echo Removing obsolete link /etc/ssl
++ rm /etc/ssl
++fi
++if [ ! -d /etc/ssl ]
++then
++ echo Creating directory /etc/ssl
++ mkdir /etc/ssl
++fi
++if [ -d /usr/lib/ssl ]
++then
++ for file in lib certs private
++ do
++ if [ -e /usr/lib/ssl/$file -a ! -L /usr/lib/ssl/$file ]
++ then
++ echo Moving $file from /usr/lib/ssl to /etc/ssl
++ cp -av /usr/lib/ssl/$file /etc/ssl || true
++ rm -fr /usr/lib/ssl/$file
++ fi
++ done
++fi
++if [ -L /usr/lib/ssl ]
++then
++ echo Removeing obsolete link /usr/lib/ssl
++ rm /usr/lib/ssl
++fi
++if [ -e /etc/ssl/lib/openssl.cnf ]
++then
++ echo Moving openssl.cnf
++ mv /etc/ssl/lib/openssl.cnf /etc/ssl/
++fi
++
++#DEBHELPER#
+--- openssl-0.9.7e.orig/debian/libssl0.9.7.dirs
++++ openssl-0.9.7e/debian/libssl0.9.7.dirs
+@@ -0,0 +1,2 @@
++usr/lib
++usr/share/doc/libssl0.9.7
+--- openssl-0.9.7e.orig/debian/libssl0.9.7.postinst
++++ openssl-0.9.7e/debian/libssl0.9.7.postinst
+@@ -0,0 +1,139 @@
++#!/bin/sh -e
++
++. /usr/share/debconf/confmodule
++
++package_name()
++{
++ echo $(basename $0 .postinst)
++}
++
++# element() is a helper function for file-rc:
++element() {
++ local element list IFS
++
++ element="$1"
++
++ [ "$2" = "in" ] && shift
++ list="$2"
++ [ "$list" = "-" ] && return 1
++ [ "$list" = "*" ] && return 0
++
++ IFS=","
++ set -- $list
++ case $element in
++ "$1"|"$2"|"$3"|"$4"|"$5"|"$6"|"$7"|"$8"|"$9")
++ return 0
++ esac
++ return 1
++}
++
++# filerc (runlevel, service) returns /etc/init.d/service, if service is
++# running in $runlevel:
++filerc() {
++ local runlevel basename
++ runlevel=$1
++ basename=$2
++ while read LINE
++ do
++ case $LINE in
++ \#*|"") continue
++ esac
++
++ set -- $LINE
++ SORT_NO="$1"; STOP="$2"; START="$3"; CMD="$4"
++ [ "$CMD" = "/etc/init.d/$basename" ] || continue
++
++ if element "$runlevel" in "$START" || element "S" in "$START"
++ then
++ echo "/etc/init.d/$basename"
++ return 0
++ fi
++ done < /etc/runlevel.conf
++ echo ""
++}
++
++if [ "$1" = "configure" ]
++then
++ if [ ! -z $2 ]; then
++ if dpkg --compare-versions $2 lt 0.9.7d-1; then
++ echo -n "Checking for services that may need to be restarted..."
++
++ check="sendmail ssh"
++ check="$check apache2-common ssh-nonfree exim4"
++ check="$check apache-ssl libapache-mod-ssl openvpn spamassassin"
++ check="$check courier-imap-ssl courier-mta-ssl courier-pop-ssl"
++ check="$check postfix-tls cyrus21-imapd cyrus21-pop3d"
++ check="$check postgresql racoon"
++ # Only get the ones that are installed, and configured
++ check=$(dpkg -s $check 2> /dev/null | sed '/^$/{N;/^\n$/D;}' | awk 'BEGIN{RS="\n\n";FS="\n"}{if ( $2 ~ /Status: .* installed$/ ) { print $1 } }' | cut -f 2 -d ' ')
++ # apache2 ships its init script in apache2-common, but the
++ # script is apache2
++ check=$(echo $check | sed 's/apache2-common/apache2/g')
++ # For mod-ssl apache has to be restarted
++ check=$(echo $check | sed 's/libapache-mod-ssl/apache/g')
++ rl=$(runlevel | awk '{print $2}')
++ for service in $check; do
++ if [ -f /usr/share/file-rc/rc -o -f /usr/lib/file-rc/rc ] && [ -f /etc/runlevel.conf ]; then
++ idl=$(filerc $rl $service)
++ else
++ idl=$(ls /etc/rc${rl}.d/S??${service} 2> /dev/null | head -n 1)
++ fi
++ if [ -n "$idl" ] && [ -x $idl ]; then
++ services="$service $services"
++ fi
++ done
++ echo "done."
++ if [ -n "$services" ]; then
++ db_version 2.0
++
++ db_reset libssl0.9.7/restart-services
++ db_set libssl0.9.7/restart-services "$services"
++ db_input critical libssl0.9.7/restart-services || true
++ db_go || true
++ db_get libssl0.9.7/restart-services
++ # Arghhh, close all the stupid debconf pipes
++ db_stop
++
++ if [ "x$RET" != "x" ]
++ then
++ services=$RET
++ answer=yes
++ else
++ answer=no
++ fi
++ echo
++ if [ "$answer" = yes ] && [ "$services" != "" ]; then
++ echo "Restarting services possibly affected by the upgrade:"
++ failed=""
++ for service in $services; do
++ idl=$(ls /etc/rc${rl}.d/S??${service} 2> /dev/null | head -n 1)
++ echo -n " $service: stopping..."
++ $idl stop > /dev/null 2>&1 || true
++ sleep 1
++ echo -n "starting..."
++ if $idl start > /dev/null 2>&1; then
++ echo "done."
++ else
++ echo "FAILED! ($?)"
++ failed="$service $failed"
++ fi
++ done
++ echo
++ if [ -n "$failed" ]; then
++ # Ruh roh, George
++ echo "The following services failed to start: $failed"
++ echo
++ echo "You will need to start these manually by running \`/etc/init.d/<service> start'"
++ echo "If the service still fails to start, you may need to file a bug on"
++ echo "$(package_name) or the service involved."
++ else
++ echo "Services restarted successfully."
++ fi
++ echo
++ fi
++ fi
++ fi # end upgrading and $2 lt 0.9.7c-1
++ fi # Upgrading
++fi
++
++#DEBHELPER#
+--- openssl-0.9.7e.orig/debian/openssl.postinst
++++ openssl-0.9.7e/debian/openssl.postinst
+@@ -0,0 +1,9 @@
++#!/bin/sh -e
++
++if [ ! -e /usr/lib/ssl ]
++then
++ echo Linking /usr/lib/ssl to /etc/ssl
++ ln -sf /etc/ssl /usr/lib/ssl
++fi
++
++#DEBHELPER#
+--- openssl-0.9.7e.orig/debian/openssl.docs
++++ openssl-0.9.7e/debian/openssl.docs
+@@ -0,0 +1 @@
++doc
+--- openssl-0.9.7e.orig/debian/openssl.dirs
++++ openssl-0.9.7e/debian/openssl.dirs
+@@ -0,0 +1,5 @@
++usr/share/doc/openssl/doc
++usr/bin
++usr/lib
++etc/ssl/certs
++etc/ssl/private
+--- openssl-0.9.7e.orig/debian/openssl.files
++++ openssl-0.9.7e/debian/openssl.files
+@@ -0,0 +1,6 @@
++usr/share/man/man1
++usr/share/man/man5
++usr/share/man/man7
++usr/bin
++usr/lib/ssl
++etc/ssl
+--- openssl-0.9.7e.orig/debian/libssl0.9.7.preinst
++++ openssl-0.9.7e/debian/libssl0.9.7.preinst
+@@ -0,0 +1,3 @@
++#!/bin/sh -e
++
++#DEBHELPER#
+--- openssl-0.9.7e.orig/debian/libssl0.9.7.templates
++++ openssl-0.9.7e/debian/libssl0.9.7.templates
+@@ -0,0 +1,15 @@
++Template: libssl0.9.7/restart-services
++Type: string
++_Description: Which services should be restarted to make them use the new libraries?
++ Security holes were fixed with this release. Services may not use these
++ fixes until they are restarted. Note: restarting sshd should not affect any
++ existing connections.
++ .
++ Following is a list of detected services that need to be restarted. Please
++ correct the list, if you think it is incorrect. The services names must be
++ identical to the script names in /etc/init.d and must be separated by
++ spaces. If you clear the list, no services will be restarted.
++ .
++ If other services begin to fail mysteriously after this upgrade, it may be
++ necessary to restart them too. We strongly recommend you to reboot your
++ machine to avoid the SSL related trouble.
+--- openssl-0.9.7e.orig/debian/watch
++++ openssl-0.9.7e/debian/watch
+@@ -0,0 +1,2 @@
++version=2
++ftp://ftp.openssl.org/source/openssl-(([\d+\.]+|\d+)[a-z]?)\.tar\.gz debian uupdate
+--- openssl-0.9.7e.orig/debian/libcrypto0.9.7-udeb.dirs
++++ openssl-0.9.7e/debian/libcrypto0.9.7-udeb.dirs
+@@ -0,0 +1 @@
++usr/lib
+--- openssl-0.9.7e.orig/debian/po/POTFILES.in
++++ openssl-0.9.7e/debian/po/POTFILES.in
+@@ -0,0 +1 @@
++[type: gettext/rfc822deb] libssl0.9.7.templates
+--- openssl-0.9.7e.orig/debian/po/fr.po
++++ openssl-0.9.7e/debian/po/fr.po
+@@ -0,0 +1,69 @@
++#
++# Translators, if you are not familiar with the PO format, gettext
++# documentation is worth reading, especially sections dedicated to
++# this format, e.g. by running:
++# info -n '(gettext)PO Files'
++# info -n '(gettext)Header Entry'
++# Some information specific to po-debconf are available at
++# /usr/share/doc/po-debconf/README-trans
++# or http://www.debian.org/intl/l10n/po-debconf/README-trans#
++# Developers do not need to manually edit POT or PO files.
++#
++msgid ""
++msgstr ""
++"Project-Id-Version: openssl_0.9.7c-5\n"
++"Report-Msgid-Bugs-To: \n"
++"POT-Creation-Date: 2004-03-22 18:34+0100\n"
++"PO-Revision-Date: 2003-10-22 21:37+0200\n"
++"Last-Translator: Michel Grentzinger <mic.grentz@online.fr>\n"
++"Language-Team: French <debian-l10n-french@lists.debian.org>\n"
++"MIME-Version: 1.0\n"
++"Content-Type: text/plain; charset=ISO-8859-15\n"
++"Content-Transfer-Encoding: 8bit\n"
++
++#. Type: string
++#. Description
++#: ../libssl0.9.7.templates:3
++msgid "Which services should be restarted to make them use the new libraries?"
++msgstr "Services redmarrer afin d'utiliser les nouvelles bibliothques"
++
++#. Type: string
++#. Description
++#: ../libssl0.9.7.templates:3
++msgid ""
++"Security holes were fixed with this release. Services may not use these "
++"fixes until they are restarted. Note: restarting sshd should not affect any "
++"existing connections."
++msgstr ""
++"Des failles de scurit on t corriges dans cette version. Les services ne "
++"devraient pas utiliser ces correctifs tant qu'ils n'auront pas t "
++"redmarrs. Note: le redmarrage de sshd n'affectera aucune connexion "
++"existante."
++
++#. Type: string
++#. Description
++#: ../libssl0.9.7.templates:3
++msgid ""
++"Following is a list of detected services that need to be restarted. Please "
++"correct the list, if you think it is incorrect. The services names must be "
++"identical to the script names in /etc/init.d and must be separated by "
++"spaces. If you clear the list, no services will be restarted."
++msgstr ""
++"La liste suivante recense tous les services devant tre redmarrs. Veuillez "
++"corriger la liste si vous pensez qu'elle contient des erreurs. Les noms des "
++"services doivent tre identiques aux noms des scripts prsents dans /etc/"
++"init.d et doivent tre spars par des espaces. Si vous effacez la liste, "
++"aucun service ne sera redmarr."
++
++#. Type: string
++#. Description
++#: ../libssl0.9.7.templates:3
++msgid ""
++"If other services begin to fail mysteriously after this upgrade, it may be "
++"necessary to restart them too. We strongly recommend you to reboot your "
++"machine to avoid the SSL related trouble."
++msgstr ""
++"Si d'autres services ne fonctionnent plus correctement aprs cette mise "
++"jour, il est sans doute ncessaire de les redmarrer de la mme faon. Il "
++"est fortement recommand de redmarrer votre machine pour viter les "
++"problmes lis SSL."
+--- openssl-0.9.7e.orig/debian/po/templates.pot
++++ openssl-0.9.7e/debian/po/templates.pot
+@@ -0,0 +1,59 @@
++#
++# Translators, if you are not familiar with the PO format, gettext
++# documentation is worth reading, especially sections dedicated to
++# this format, e.g. by running:
++# info -n '(gettext)PO Files'
++# info -n '(gettext)Header Entry'
++#
++# Some information specific to po-debconf are available at
++# /usr/share/doc/po-debconf/README-trans
++# or http://www.debian.org/intl/l10n/po-debconf/README-trans
++#
++# Developers do not need to manually edit POT or PO files.
++#
++#, fuzzy
++msgid ""
++msgstr ""
++"Project-Id-Version: PACKAGE VERSION\n"
++"Report-Msgid-Bugs-To: \n"
++"POT-Creation-Date: 2004-03-22 18:34+0100\n"
++"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
++"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
++"Language-Team: LANGUAGE <LL@li.org>\n"
++"MIME-Version: 1.0\n"
++"Content-Type: text/plain; charset=CHARSET\n"
++"Content-Transfer-Encoding: 8bit\n"
++
++#. Type: string
++#. Description
++#: ../libssl0.9.7.templates:3
++msgid "Which services should be restarted to make them use the new libraries?"
++msgstr ""
++
++#. Type: string
++#. Description
++#: ../libssl0.9.7.templates:3
++msgid ""
++"Security holes were fixed with this release. Services may not use these "
++"fixes until they are restarted. Note: restarting sshd should not affect any "
++"existing connections."
++msgstr ""
++
++#. Type: string
++#. Description
++#: ../libssl0.9.7.templates:3
++msgid ""
++"Following is a list of detected services that need to be restarted. Please "
++"correct the list, if you think it is incorrect. The services names must be "
++"identical to the script names in /etc/init.d and must be separated by "
++"spaces. If you clear the list, no services will be restarted."
++msgstr ""
++
++#. Type: string
++#. Description
++#: ../libssl0.9.7.templates:3
++msgid ""
++"If other services begin to fail mysteriously after this upgrade, it may be "
++"necessary to restart them too. We strongly recommend you to reboot your "
++"machine to avoid the SSL related trouble."
++msgstr ""
+--- openssl-0.9.7e.orig/debian/po/pt_BR.po
++++ openssl-0.9.7e/debian/po/pt_BR.po
+@@ -0,0 +1,71 @@
++#
++# Translators, if you are not familiar with the PO format, gettext
++# documentation is worth reading, especially sections dedicated to
++# this format, e.g. by running:
++# info -n '(gettext)PO Files'
++# info -n '(gettext)Header Entry'
++#
++# Some information specific to po-debconf are available at
++# /usr/share/doc/po-debconf/README-trans
++# or http://www.debian.org/intl/l10n/po-debconf/README-trans
++#
++# Developers do not need to manually edit POT or PO files.
++#
++msgid ""
++msgstr ""
++"Project-Id-Version: openssl\n"
++"Report-Msgid-Bugs-To: \n"
++"POT-Creation-Date: 2004-03-22 18:34+0100\n"
++"PO-Revision-Date: 2004-04-04 15:21-0300\n"
++"Last-Translator: Andr Lus Lopes <andrelop@debian.org>\n"
++"Language-Team: Debian-BR Project <debian-l10n-portuguese@lists.debian.org>\n"
++"MIME-Version: 1.0\n"
++"Content-Type: text/plain; charset=ISO-8859-1\n"
++"Content-Transfer-Encoding: 8bit\n"
++
++#. Type: string
++#. Description
++#: ../libssl0.9.7.templates:3
++msgid "Which services should be restarted to make them use the new libraries?"
++msgstr "Quais servios devem ser reiniciados para utilizar novas bibliotecas ?"
++
++#. Type: string
++#. Description
++#: ../libssl0.9.7.templates:3
++msgid ""
++"Security holes were fixed with this release. Services may not use these "
++"fixes until they are restarted. Note: restarting sshd should not affect any "
++"existing connections."
++msgstr ""
++"Falhas de segurana foram corrigidas nesta verso. Alguns servios podem "
++"no utilizar estas correes at que sejam reiniciados. Note : reiniciar "
++"o sshd no afetar nenhuma conexo j estabelecida."
++
++#. Type: string
++#. Description
++#: ../libssl0.9.7.templates:3
++msgid ""
++"Following is a list of detected services that need to be restarted. Please "
++"correct the list, if you think it is incorrect. The services names must be "
++"identical to the script names in /etc/init.d and must be separated by "
++"spaces. If you clear the list, no services will be restarted."
++msgstr ""
++"A seguir ser exibida uma lista de servios que foram detectados e que "
++"precisam ser reiniciados. Por favor, corrija a lista caso voc tenha "
++"certeza que ela esteja incorreta. Os nomes dos servios devem ser "
++"idnticos aos nomes dos scripts sob o diretrio /etc/init.d e devem "
++"estar separados por espaos. Caso voc esvazie a lista, nenhum servio "
++"ser reiniciado."
++
++#. Type: string
++#. Description
++#: ../libssl0.9.7.templates:3
++msgid ""
++"If other services begin to fail mysteriously after this upgrade, it may be "
++"necessary to restart them too. We strongly recommend you to reboot your "
++"machine to avoid the SSL related trouble."
++msgstr ""
++"Caso outros servios comecem a falhar misteriosamente aps esta "
++"atualizao, pode ser necessrio reinici-los tambm. Recomendados "
++"fortemente que voc reinicie sua mquina para evitar problemas "
++"relacionados a SSL."
+--- openssl-0.9.7e.orig/debian/po/ja.po
++++ openssl-0.9.7e/debian/po/ja.po
+@@ -0,0 +1,69 @@
++#
++# Translators, if you are not familiar with the PO format, gettext
++# documentation is worth reading, especially sections dedicated to
++# this format, e.g. by running:
++# info -n '(gettext)PO Files'
++# info -n '(gettext)Header Entry'
++#
++# Some information specific to po-debconf are available at
++# /usr/share/doc/po-debconf/README-trans
++# or http://www.debian.org/intl/l10n/po-debconf/README-trans
++#
++# Developers do not need to manually edit POT or PO files.
++#
++#
++msgid ""
++msgstr ""
++"Project-Id-Version: openssl 0.9.7d-1\n"
++"Report-Msgid-Bugs-To: \n"
++"POT-Creation-Date: 2004-03-22 18:34+0100\n"
++"PO-Revision-Date: 2004-03-24 23:41+0900\n"
++"Last-Translator: Hideki Yamane <henrich@samba.gr.jp>\n"
++"Language-Team: Japanese <debian-japanese@lists.debian.org>\n"
++"MIME-Version: 1.0\n"
++"Content-Type: text/plain; charset=EUC-JP\n"
++"Content-Transfer-Encoding: 8bit\n"
++
++#. Type: string
++#. Description
++#: ../libssl0.9.7.templates:3
++msgid "Which services should be restarted to make them use the new libraries?"
++msgstr "ɤΥӥ򿷤饤֥Ȥ˺Ƶưޤ?"
++
++#. Type: string
++#. Description
++#: ../libssl0.9.7.templates:3
++msgid ""
++"Security holes were fixed with this release. Services may not use these "
++"fixes until they are restarted. Note: restarting sshd should not affect any "
++"existing connections."
++msgstr ""
++"Υ꡼ǥƥۡ뤬ޤƥӥϺƵưԤ"
++"ޤǤν줿饤֥Ѥޤ: sshd κƵưϸ³"
++"ϲƶޤ"
++
++#. Type: string
++#. Description
++#: ../libssl0.9.7.templates:3
++msgid ""
++"Following is a list of detected services that need to be restarted. Please "
++"correct the list, if you think it is incorrect. The services names must be "
++"identical to the script names in /etc/init.d and must be separated by "
++"spaces. If you clear the list, no services will be restarted."
++msgstr ""
++"ʲƵưɬפȽǤ줿ӥΥꥹȤǤְäƤȻפä"
++"Ƥӥ̾ /etc/init.d ˤ륹ץȤ̾ؤ"
++"ǶڤɬפޤꥹȤξϡӥκƵưɬפޤ"
++""
++
++#. Type: string
++#. Description
++#: ../libssl0.9.7.templates:3
++msgid ""
++"If other services begin to fail mysteriously after this upgrade, it may be "
++"necessary to restart them too. We strongly recommend you to reboot your "
++"machine to avoid the SSL related trouble."
++msgstr ""
++"¾ΥӥǤΥåץ졼ɤθ˲Τ顼򵯤Ϥ᤿硢"
++"ƵưɬפޤSSL ϢΥȥ֥򤱤뤿˥ޥƵ"
++"ưΤ򶯤ᤷޤ"
+--- openssl-0.9.7e.orig/debian/po/da.po
++++ openssl-0.9.7e/debian/po/da.po
+@@ -0,0 +1,71 @@
++# translation of openssl_0.9.7d-1_templates.po to Danish
++#
++# Translators, if you are not familiar with the PO format, gettext
++# documentation is worth reading, especially sections dedicated to
++# this format, e.g. by running:
++# info -n '(gettext)PO Files'
++# info -n '(gettext)Header Entry'
++# Some information specific to po-debconf are available at
++# /usr/share/doc/po-debconf/README-trans
++# or http://www.debian.org/intl/l10n/po-debconf/README-trans#
++# Developers do not need to manually edit POT or PO files.
++# Claus Hindsgaul <claus_h@image.dk>, 2004.
++#
++msgid ""
++msgstr ""
++"Project-Id-Version: openssl_0.9.7d-1_templates\n"
++"Report-Msgid-Bugs-To: \n"
++"POT-Creation-Date: 2004-03-22 18:34+0100\n"
++"PO-Revision-Date: 2004-04-02 16:08+0200\n"
++"Last-Translator: Claus Hindsgaul <claus_h@image.dk>\n"
++"Language-Team: Danish <dansk@klid.dk>\n"
++"MIME-Version: 1.0\n"
++"Content-Type: text/plain; charset=ISO-8859-1\n"
++"Content-Transfer-Encoding: 8bit\n"
++"X-Generator: KBabel 1.3.1\n"
++"Plural-Forms: nplurals=2; plural=(n != 1);\n"
++
++#. Type: string
++#. Description
++#: ../libssl0.9.7.templates:3
++msgid "Which services should be restarted to make them use the new libraries?"
++msgstr "Hvilke services skal genstartes, s de benytter de nye biblioteker?"
++
++#. Type: string
++#. Description
++#: ../libssl0.9.7.templates:3
++msgid ""
++"Security holes were fixed with this release. Services may not use these "
++"fixes until they are restarted. Note: restarting sshd should not affect any "
++"existing connections."
++msgstr ""
++"Der lukket nogle sikkerhedshuller i denne version af openssl. Disse huller "
++"bliver ikke lukket i dine services fr de er blevet genstartet. Bemrk at "
++"det ikke vil pvirke eksisterende forbindelser at genstarte ssh."
++
++#. Type: string
++#. Description
++#: ../libssl0.9.7.templates:3
++msgid ""
++"Following is a list of detected services that need to be restarted. Please "
++"correct the list, if you think it is incorrect. The services names must be "
++"identical to the script names in /etc/init.d and must be separated by "
++"spaces. If you clear the list, no services will be restarted."
++msgstr ""
++"Herunder ser du en liste over fundne services, som br genstartes. Ret "
++"listen, hvis du mener at den ikke er korrekt. Servicenavnene skal vre "
++"identiske med skriptnavnene i /etc/init.d, og skal adskilles med "
++"mellemrum. Hvis du sletter listen, vil ingen services blive genstartet."
++
++#. Type: string
++#. Description
++#: ../libssl0.9.7.templates:3
++msgid ""
++"If other services begin to fail mysteriously after this upgrade, it may be "
++"necessary to restart them too. We strongly recommend you to reboot your "
++"machine to avoid the SSL related trouble."
++msgstr ""
++"Hvis andre services begynder at fejle p mystisk vis efter denne opgradering, "
++"kan det vre ndvendigt ogs at genstarte disse. Vi anbefaler dig kraftigt "
++"at genstarte din maskine for at undg SSL-relaterede problemer."
++
+--- openssl-0.9.7e.orig/debian/po/ca.po
++++ openssl-0.9.7e/debian/po/ca.po
+@@ -0,0 +1,59 @@
++# openssl (debconf) translation to Catalan.
++# Copyright (C) 2004 Free Software Foundation, Inc.
++# Aleix Badia i Bosch <abadia@ica.es>, 2004
++msgid ""
++msgstr ""
++"Project-Id-Version: openssl_0.9.7d-1_templates\n"
++"Report-Msgid-Bugs-To: \n"
++"POT-Creation-Date: 2003-07-20 11:44+0200\n"
++"PO-Revision-Date: 2004-04-08 19:46GMT\n"
++"Last-Translator: Aleix Badia i Bosch <abadia@ica.es>\n"
++"Language-Team: Catalan <debian-l10n-catalan@lists.debian.org>\n"
++"MIME-Version: 1.0\n"
++"Content-Type: text/plain; charset=UTF-8\n"
++"Content-Transfer-Encoding: 8bit"
++
++#. Type: string
++#. Description
++#: ../libssl0.9.7.templates:3
++msgid "Which services should be restarted to make them use the new libraries?"
++msgstr ""
++"Quina serveis s'han de reiniciar perquè utilitzin les noves biblioteques?"
++
++#. Type: string
++#. Description
++#: ../libssl0.9.7.templates:3
++msgid ""
++"Security holes were fixed with this release. Services may not use these "
++"fixes until they are restarted. Note: restarting sshd should not affect any "
++"existing connections."
++msgstr ""
++"Aquesta versió resol els errors de seguretat. Els serveis no utilitzaran les "
++"correccions fins que no s'hagin reiniciat. Nota: reiniciant l'sshd no "
++"s'afectarà cap connexió existent."
++
++#. Type: string
++#. Description
++#: ../libssl0.9.7.templates:3
++msgid ""
++"Following is a list of detected services that need to be restarted. Please "
++"correct the list, if you think it is incorrect. The services names must be "
++"identical to the script names in /etc/init.d and must be separated by "
++"spaces. If you clear the list, no services will be restarted."
++msgstr ""
++"És una llista de serveis que s'ha detectat que s'haurien de reiniciar, "
++"corregiu-la si és incorrecta. El nom dels serveis hauria de ser idèntic als "
++"noms de les seqüències del directori /etc/init.d i haurien d'estar separats "
++"per espais. Si suprimiu la llista no es reiniciarà cap servei."
++
++#. Type: string
++#. Description
++#: ../libssl0.9.7.templates:3
++msgid ""
++"If other services begin to fail mysteriously after this upgrade, it may be "
++"necessary to restart them too. We strongly recommend you to reboot your "
++"machine to avoid the SSL related trouble."
++msgstr ""
++"Si després de l'actualització d'altres serveis fallen de forma inexplicable, "
++"probablement també sigui necessari reiniciar-los. Us recomanem que per "
++"evitar els problemes relacionats amb l'SSL reinicieu l'ordinador."
+--- openssl-0.9.7e.orig/debian/po/es.po
++++ openssl-0.9.7e/debian/po/es.po
+@@ -0,0 +1,84 @@
++# openssl translation to spanish
++# Copyright (C) 2004 Software in the Public Interest
++# This file is distributed under the same license as the openssl package.
++#
++# Changes:
++# - Initial translation
++# Lucas Wall <kthulhu@kadath.com.ar>, 2004
++#
++#
++# Traductores, si no conoce el formato PO, merece la pena leer la
++# documentacin de gettext, especialmente las secciones dedicadas a este
++# formato, por ejemplo ejecutando:
++# info -n '(gettext)PO Files'
++# info -n '(gettext)Header Entry'
++#
++# Equipo de traduccin al espaol, por favor lean antes de traducir
++# los siguientes documentos:
++#
++# - El proyecto de traduccin de Debian al espaol
++# http://www.debian.org/intl/spanish/coordinacion
++# especialmente las notas de traduccin en
++# http://www.debian.org/intl/spanish/notas
++#
++# - La gua de traduccin de po's de debconf:
++# /usr/share/doc/po-debconf/README-trans
++# o http://www.debian.org/intl/l10n/po-debconf/README-trans
++#
++msgid ""
++msgstr ""
++"Project-Id-Version: openssl 0.9.7d-3\n"
++"POT-Creation-Date: 2004-03-22 18:34+0100\n"
++"PO-Revision-Date: 2004-06-12 15:23-0300\n"
++"Last-Translator: Lucas Wall <kthulhu@kadath.com.ar>\n"
++"Language-Team: Debian Spanish <debian-l10n-spanish@lists.debian.org>\n"
++"MIME-Version: 1.0\n"
++"Content-Type: text/plain; charset=ISO-8859-15\n"
++"Content-Transfer-Encoding: 8bit\n"
++
++#. Type: string
++#. Description
++#: ../libssl0.9.7.templates:3
++msgid "Which services should be restarted to make them use the new libraries?"
++msgstr ""
++"Qu servicios desea reiniciar para que utilicen las nuevas bibliotecas?"
++
++#. Type: string
++#. Description
++#: ../libssl0.9.7.templates:3
++msgid ""
++"Security holes were fixed with this release. Services may not use these "
++"fixes until they are restarted. Note: restarting sshd should not affect any "
++"existing connections."
++msgstr ""
++"En esta versin se han solucionado problemas de seguridad. Los servicios "
++"afectados no gozarn de los arreglos hasta que no se hayan reiniciado. Nota: "
++"reiniciar el servicio sshd no afectar ninguna de las conexiones "
++"existentes."
++
++#. Type: string
++#. Description
++#: ../libssl0.9.7.templates:3
++msgid ""
++"Following is a list of detected services that need to be restarted. Please "
++"correct the list, if you think it is incorrect. The services names must be "
++"identical to the script names in /etc/init.d and must be separated by "
++"spaces. If you clear the list, no services will be restarted."
++msgstr ""
++"Una lista de los servicios que deben ser reiniciados se presenta a "
++"continuacin. Si cree que no es correcta haga los ajustes necesarios. Los "
++"nombres de los servicios deben ser iguales a los nombres de los ficheros "
++"en /etc/init.d y debe estar separados por espacios. Ningn servicio ser "
++"reiniciado si deja la lista en blanco."
++
++#. Type: string
++#. Description
++#: ../libssl0.9.7.templates:3
++msgid ""
++"If other services begin to fail mysteriously after this upgrade, it may be "
++"necessary to restart them too. We strongly recommend you to reboot your "
++"machine to avoid the SSL related trouble."
++msgstr ""
++"Si, tras esta actualizacin, otros servicios comienzan a fallar en forma "
++"misteriosa puede ser necesario reiniciarlos tambin. Para evitar problemas "
++"relacionados con SSL se le recomienda reiniciar su sistema."
+--- openssl-0.9.7e.orig/debian/po/nl.pl
++++ openssl-0.9.7e/debian/po/nl.pl
+@@ -0,0 +1,48 @@
++#!/usr/local/bin/perl
++# Translators, if you are not familiar with the PO format, gettext
++# documentation is worth reading, especially sections dedicated to
++# this format, e.g. by running:
++# info -n '(gettext)PO Files'
++# info -n '(gettext)Header Entry'
++#
++# Some information specific to po-debconf are available at
++# /usr/share/doc/po-debconf/README-trans
++# or http://www.debian.org/intl/l10n/po-debconf/README-trans
++#
++# Developers do not need to manually edit POT or PO files.
++#
++msgid ""
++msgstr ""
++"Project-Id-Version: openssl 0.9.7d-5\n"
++"POT-Creation-Date: 2004-03-22 18:34+0100\n"
++"PO-Revision-Date: 2004-08-01 18:31+0100\n"
++"Last-Translator: Luk Claes <luk.claes@ugent.be>\n"
++"Language-Team: Debian l10n Dutch <debian-l10n-dutch@lists.debian.org>\n"
++"MIME-Version: 1.0\n"
++"Content-Type: text/plain; charset=iso-8859-1\n"
++"Content-Transfer-Encoding: 8bit\n"
++
++#. Type: string
++#. Description
++#: ../libssl0.9.7.templates:3
++msgid "Which services should be restarted to make them use the new libraries?"
++msgstr "Welke diensten moeten herstart worden om ze de nieuwe bibliotheken te laten gebruiken?"
++
++#. Type: string
++#. Description
++#: ../libssl0.9.7.templates:3
++msgid "Security holes were fixed with this release. Services may not use these fixes until they are restarted. Note: restarting sshd should not affect any existing connections."
++msgstr "Er zijn veiligheidslekken gedicht in deze release. Diensten gebruiken deze versie misschien niet totdat ze herstart zijn. Merk op: sshd herstarten zou geen effect mogen hebben op bestaande verbindingen."
++
++#. Type: string
++#. Description
++#: ../libssl0.9.7.templates:3
++msgid "Following is a list of detected services that need to be restarted. Please correct the list, if you think it is incorrect. The services names must be identical to the script names in /etc/init.d and must be separated by spaces. If you clear the list, no services will be restarted."
++msgstr "Hierna volgt een lijst van gedetecteerde diensten die herstart moeten worden. Verbeter de lijst, als u denkt dat ze incorrect is. De namen moeten overeenkomen met de script-namen in /etc/init.d en moeten gescheiden worden door spaties. Als u de lijst ledigt, dan zullen er geen diensten worden herstart."
++
++#. Type: string
++#. Description
++#: ../libssl0.9.7.templates:3
++msgid "If other services begin to fail mysteriously after this upgrade, it may be necessary to restart them too. We strongly recommend you to reboot your machine to avoid the SSL related trouble."
++msgstr "Als er andere diensten mysterieus beginnen te falen na deze opwaardering, kan het nodig zijn om ze ook te herstarten. Er wordt u ten zeerste aanbevolen uw machine te herstarten om SSL-gerelateerde problemen te vermijden."
++
+--- openssl-0.9.7e.orig/debian/po/cs.po
++++ openssl-0.9.7e/debian/po/cs.po
+@@ -0,0 +1,68 @@
++#
++# Translators, if you are not familiar with the PO format, gettext
++# documentation is worth reading, especially sections dedicated to
++# this format, e.g. by running:
++# info -n '(gettext)PO Files'
++# info -n '(gettext)Header Entry'
++#
++# Some information specific to po-debconf are available at
++# /usr/share/doc/po-debconf/README-trans
++# or http://www.debian.org/intl/l10n/po-debconf/README-trans
++#
++# Developers do not need to manually edit POT or PO files.
++#
++msgid ""
++msgstr ""
++"Project-Id-Version: openssl\n"
++"Report-Msgid-Bugs-To: \n"
++"POT-Creation-Date: 2004-03-22 18:34+0100\n"
++"PO-Revision-Date: 2004-09-26 17:40+0200\n"
++"Last-Translator: Miroslav Kure <kurem@debian.cz>\n"
++"Language-Team: Czech <provoz@debian.cz>\n"
++"MIME-Version: 1.0\n"
++"Content-Type: text/plain; charset=ISO-8859-2\n"
++"Content-Transfer-Encoding: 8bit\n"
++
++#. Type: string
++#. Description
++#: ../libssl0.9.7.templates:3
++msgid "Which services should be restarted to make them use the new libraries?"
++msgstr "Kter sluby se maj restartovat, aby zaaly vyuvat nov knihovny?"
++
++#. Type: string
++#. Description
++#: ../libssl0.9.7.templates:3
++msgid ""
++"Security holes were fixed with this release. Services may not use these "
++"fixes until they are restarted. Note: restarting sshd should not affect any "
++"existing connections."
++msgstr ""
++"V tto verzi balku byly opraveny bezbenostn chyby. Tyto opravy se v "
++"programech projev a po jejich restartu. Poznmka: restart sshd by neml "
++"ovlivnit stvajc spojen."
++
++#. Type: string
++#. Description
++#: ../libssl0.9.7.templates:3
++msgid ""
++"Following is a list of detected services that need to be restarted. Please "
++"correct the list, if you think it is incorrect. The services names must be "
++"identical to the script names in /etc/init.d and must be separated by "
++"spaces. If you clear the list, no services will be restarted."
++msgstr ""
++"Nsleduje seznam rozpoznanch slueb, kter je teba restartovat. Pokud se "
++"vm zd, e je tento seznam chybn, mete jej opravit. Nzvy slueb mus "
++"bt shodn s nzvy skript v adresi /etc/init.d a mus bt oddleny "
++"mezerami. Pokud seznam vymaete, nebude restartovna dn sluba."
++
++#. Type: string
++#. Description
++#: ../libssl0.9.7.templates:3
++msgid ""
++"If other services begin to fail mysteriously after this upgrade, it may be "
++"necessary to restart them too. We strongly recommend you to reboot your "
++"machine to avoid the SSL related trouble."
++msgstr ""
++"Jestlie po tto aktualizaci zanou selhvat nkter sluby, mon bude "
++"nutn je takt restartovat. Abyste se vyhnuli problmm spojench se SSL, "
++"doporuujeme restartovat cel pota."
diff --git a/recipes/openssl/openssl-0.9.7e/gnueabi-arm.patch b/recipes/openssl/openssl-0.9.7e/gnueabi-arm.patch
new file mode 100644
index 0000000000..be0adbdea7
--- /dev/null
+++ b/recipes/openssl/openssl-0.9.7e/gnueabi-arm.patch
@@ -0,0 +1,15 @@
+
+#
+# Patch managed by http://www.mn-logistik.de/unsupported/pxa250/patcher
+#
+
+--- openssl-0.9.7e/Configure~gnueabi-arm 2006-03-19 21:04:31.000000000 +0100
++++ openssl-0.9.7e/Configure 2006-03-19 21:07:22.000000000 +0100
+@@ -462,6 +462,7 @@
+ # Linux on ARM
+ "linux-elf-arm","gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+ "linux-elf-armeb","gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"linux-gnueabi-arm","gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+
+ # SCO/Caldera targets.
+ #
diff --git a/recipes/openssl/openssl-0.9.7g/armeb.patch b/recipes/openssl/openssl-0.9.7g/armeb.patch
new file mode 100644
index 0000000000..7539506949
--- /dev/null
+++ b/recipes/openssl/openssl-0.9.7g/armeb.patch
@@ -0,0 +1,18 @@
+--- Configure.orig 2006-03-22 16:29:20.000000000 +0100
++++ Configure 2006-03-22 16:31:44.000000000 +0100
+@@ -395,6 +395,7 @@
+ "debian-alpha-ev4","gcc:-DTERMIO -O3 -mcpu=ev4 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_UNROLL:${alpha_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+ "debian-alpha-ev5","gcc:-DTERMIO -O3 -mcpu=ev5 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_UNROLL:${alpha_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+ "debian-arm","gcc:-DL_ENDIAN -DTERMIO -O2 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-armeb","gcc:-DB_ENDIAN -DTERMIO -O2 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+ #"debian-amd64","gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+ "debian-amd64", "gcc:-m64 -DL_ENDIAN -DTERMIO -O3 -Wall -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK RC4_CHAR BF_PTR2 DES_INT DES_UNROLL:asm/x86_64-gcc.o:::::::::dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+ #"debian-freebsd-alpha","gcc:-DTERMIOS -O -fomit-frame-pointer::(unknown):::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_PTR DES_RISC2::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+@@ -474,6 +475,7 @@
+ # ARM comes in both little- and big-endian flavors. The following line is
+ # endian neutral, but ./config is free to throw in -D[BL]_ENDIAN...
+ "linux-elf-arm","gcc:-DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"linux-elf-armeb","gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+
+ # SCO/Caldera targets.
+ #
diff --git a/recipes/openssl/openssl-0.9.7g/armeb.patch.lock b/recipes/openssl/openssl-0.9.7g/armeb.patch.lock
new file mode 100644
index 0000000000..e69de29bb2
--- /dev/null
+++ b/recipes/openssl/openssl-0.9.7g/armeb.patch.lock
diff --git a/recipes/openssl/openssl-0.9.7g/avr32.patch b/recipes/openssl/openssl-0.9.7g/avr32.patch
new file mode 100644
index 0000000000..b6ac81b717
--- /dev/null
+++ b/recipes/openssl/openssl-0.9.7g/avr32.patch
@@ -0,0 +1,10 @@
+--- Configure~ 2008-01-23 17:44:04.000000000 +0100
++++ Configure 2008-01-23 17:44:04.000000000 +0100
+@@ -442,6 +442,7 @@
+ "linux-mips", "gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL DES_RISC2::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+ "linux-ppc", "gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:asm/linux_ppc32.o:::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+ # -bpowerpc64-linux is transient option, -m64 should be the one to use...
++"linux-avr32","gcc:-DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).",
+ "linux-ppc64", "gcc:-bpowerpc64-linux -DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:asm/linux_ppc64.o:::::::::dlfcn:linux-shared:-fPIC:-bpowerpc64-linux:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+ "linux-m68k", "gcc:-DB_ENDIAN -DTERMIO -O2 -fomit-frame-pointer -Wall::-D_REENTRANT:::BN_LLONG::",
+ "linux-s390", "gcc:-DB_ENDIAN -DTERMIO -DNO_ASM -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
diff --git a/recipes/openssl/openssl-0.9.7g/debian.patch b/recipes/openssl/openssl-0.9.7g/debian.patch
new file mode 100644
index 0000000000..8cfdd2d653
--- /dev/null
+++ b/recipes/openssl/openssl-0.9.7g/debian.patch
@@ -0,0 +1,2808 @@
+--- openssl097-0.9.7g.orig/apps/CA.pl
++++ openssl097-0.9.7g/apps/CA.pl
+@@ -1,4 +1,4 @@
+-#!/usr/bin/perl
++#!/usr/local/bin/perl
+ #
+ # CA - wrapper around ca to make it easier to use ... basically ca requires
+ # some setup stuff to be done before you can use it and this makes
+@@ -63,6 +63,7 @@
+ foreach (@ARGV) {
+ if ( /^(-\?|-h|-help)$/ ) {
+ print STDERR "usage: CA -newcert|-newreq|-newreq-nodes|-newca|-sign|-verify\n";
++ print STDERR "usage: CA -signcert certfile keyfile|-newcert|-newreq|-newca|-sign|-verify\n";
+ exit 0;
+ } elsif (/^-newcert$/) {
+ # create a certificate
+@@ -158,6 +159,7 @@
+ } else {
+ print STDERR "Unknown arg $_\n";
+ print STDERR "usage: CA -newcert|-newreq|-newreq-nodes|-newca|-sign|-verify\n";
++ print STDERR "usage: CA -signcert certfile keyfile|-newcert|-newreq|-newca|-sign|-verify\n";
+ exit 1;
+ }
+ }
+--- openssl097-0.9.7g.orig/apps/CA.pl.in
++++ openssl097-0.9.7g/apps/CA.pl.in
+@@ -63,6 +63,7 @@
+ foreach (@ARGV) {
+ if ( /^(-\?|-h|-help)$/ ) {
+ print STDERR "usage: CA -newcert|-newreq|-newreq-nodes|-newca|-sign|-verify\n";
++ print STDERR "usage: CA -signcert certfile keyfile|-newcert|-newreq|-newca|-sign|-verify\n";
+ exit 0;
+ } elsif (/^-newcert$/) {
+ # create a certificate
+@@ -158,6 +159,7 @@
+ } else {
+ print STDERR "Unknown arg $_\n";
+ print STDERR "usage: CA -newcert|-newreq|-newreq-nodes|-newca|-sign|-verify\n";
++ print STDERR "usage: CA -signcert certfile keyfile|-newcert|-newreq|-newca|-sign|-verify\n";
+ exit 1;
+ }
+ }
+--- openssl097-0.9.7g.orig/apps/progs.h
++++ openssl097-0.9.7g/apps/progs.h
+@@ -35,11 +35,9 @@
+ extern int spkac_main(int argc,char *argv[]);
+ extern int smime_main(int argc,char *argv[]);
+ extern int rand_main(int argc,char *argv[]);
+-extern int prime_main(int argc,char *argv[]);
+-#ifndef OPENSSL_NO_ENGINE
+ extern int engine_main(int argc,char *argv[]);
+-#endif
+ extern int ocsp_main(int argc,char *argv[]);
++extern int prime_main(int argc,char *argv[]);
+
+ #define FUNC_TYPE_GENERAL 1
+ #define FUNC_TYPE_MD 2
+@@ -95,9 +93,7 @@
+ #if !defined(OPENSSL_NO_SOCK) && !(defined(OPENSSL_NO_SSL2) && defined(OPENSSL_NO_SSL3))
+ {FUNC_TYPE_GENERAL,"s_client",s_client_main},
+ #endif
+-#ifndef OPENSSL_NO_SPEED
+ {FUNC_TYPE_GENERAL,"speed",speed_main},
+-#endif
+ #if !defined(OPENSSL_NO_SOCK) && !(defined(OPENSSL_NO_SSL2) && defined(OPENSSL_NO_SSL3))
+ {FUNC_TYPE_GENERAL,"s_time",s_time_main},
+ #endif
+@@ -116,11 +112,9 @@
+ {FUNC_TYPE_GENERAL,"spkac",spkac_main},
+ {FUNC_TYPE_GENERAL,"smime",smime_main},
+ {FUNC_TYPE_GENERAL,"rand",rand_main},
+- {FUNC_TYPE_GENERAL,"prime",prime_main},
+-#ifndef OPENSSL_NO_ENGINE
+ {FUNC_TYPE_GENERAL,"engine",engine_main},
+-#endif
+ {FUNC_TYPE_GENERAL,"ocsp",ocsp_main},
++ {FUNC_TYPE_GENERAL,"prime",prime_main},
+ #ifndef OPENSSL_NO_MD2
+ {FUNC_TYPE_MD,"md2",dgst_main},
+ #endif
+--- openssl097-0.9.7g.orig/config
++++ openssl097-0.9.7g/config
+@@ -163,8 +163,8 @@
+ echo "${MACHINE}-whatever-linux1"; exit 0
+ ;;
+
+- GNU*)
+- echo "hurd-x86"; exit 0;
++ GNU:*|GNU/*:*)
++ echo "${MACHINE}-gnuish"; exit 0;
+ ;;
+
+ LynxOS:*)
+--- openssl097-0.9.7g.orig/Configure
++++ openssl097-0.9.7g/Configure
+@@ -1,4 +1,4 @@
+-:
++#!/usr/local/bin/perl
+ eval 'exec perl -S $0 ${1+"$@"}'
+ if $running_under_some_shell;
+ ##
+@@ -390,6 +390,42 @@
+ # assembler versions -- currently defunct:
+ ##"OpenBSD-alpha","gcc:-DTERMIOS -O3 -fomit-frame-pointer:::(unknown):SIXTY_FOUR_BIT_LONG DES_INT DES_PTR DES_RISC2:${alpha_asm}",
+
++# Debian GNU/* (various architectures)
++"debian-alpha","gcc:-DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_UNROLL:${alpha_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-alpha-ev4","gcc:-DTERMIO -O3 -mcpu=ev4 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_UNROLL:${alpha_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-alpha-ev5","gcc:-DTERMIO -O3 -mcpu=ev5 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_UNROLL:${alpha_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-arm","gcc:-DL_ENDIAN -DTERMIO -O2 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++#"debian-amd64","gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-amd64", "gcc:-m64 -DL_ENDIAN -DTERMIO -O3 -Wall -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK RC4_CHAR BF_PTR2 DES_INT DES_UNROLL:asm/x86_64-gcc.o:::::::::dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++#"debian-freebsd-alpha","gcc:-DTERMIOS -O -fomit-frame-pointer::(unknown):::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_PTR DES_RISC2::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-kfreebsd-i386","gcc:-DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -m486 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-hppa","gcc:-DB_ENDIAN -DTERMIO -O2 -Wall::-D_REENTRANT::-ldl:BN_LLONG MD2_CHAR RC4_INDEX::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-hurd-i386","gcc:-DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -m486 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-ia64","gcc:-DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK RC4_CHAR:asm/ia64.o:::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++#"debian-i386","gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::dlfcn:linux-shared:-fPIC",
++"debian-i386","gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-i386-i486","gcc:-DL_ENDIAN -DTERMIO -O3 -march=i486 -mcpu=i486 -Wa,--noexecstack -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-i386-i586","gcc:-DL_ENDIAN -DTERMIO -O3 -march=i586 -mcpu=i586 -Wa,--noexecstack -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-i386-i686/cmov","gcc:-DL_ENDIAN -DTERMIO -O3 -march=i686 -mcpu=i686 -Wa,--noexecstack -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-m68k","gcc:-DB_ENDIAN -DTERMIO -O2 -Wall::-D_REENTRANT::-ldl:BN_LLONG MD2_CHAR RC4_INDEX::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-mips", "gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL DES_RISC2::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-mipsel", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL DES_RISC2::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-netbsd-i386", "gcc:-DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -m486 -Wall::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-netbsd-m68k", "gcc:-DB_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -Wall::(unknown):::BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-netbsd-sparc", "gcc:-DB_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -mv8 -Wall::(unknown):::BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-openbsd-alpha","gcc:-DTERMIOS -O3 -fomit-frame-pointer::(unknown):::SIXTY_FOUR_BIT_LONG DES_INT DES_PTR DES_RISC2::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-openbsd-i386", "gcc:-DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -m486::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_out_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-openbsd-mips","gcc:-O2 -DL_ENDIAN::(unknown)::BN_LLONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC2 DES_PTR BF_PTR:::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-powerpc","gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_UNROLL DES_RISC2 DES_PTR MD2_CHAR RC4_INDEX::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-ppc64","gcc:-m64 -DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:asm/linux_ppc64.o:::::::::dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-s390","gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-sh3", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-sh4", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-sh3eb", "gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-sh4eb", "gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-sparc","gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-sparc-v8","gcc:-DB_ENDIAN -DTERMIO -O3 -mcpu=v8 -fomit-frame-pointer -Wall -DBN_DIV2W::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8.o:::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-sparc-v9","gcc:-DB_ENDIAN -DTERMIO -O3 -mcpu=v9 -Wa,-Av8plus -fomit-frame-pointer -Wall -DULTRASPARC -DBN_DIV2W::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8plus.o:::asm/md5-sparcv8plus.o::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+ # The intel boxes :-), It would be worth seeing if bsdi-gcc can use the
+ # bn86-elf.o file file since it is hand tweaked assembler.
+ "linux-elf", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+@@ -1316,7 +1352,8 @@
+ elsif ($shared_extension ne "" && $shared_extension =~ /^\.s([ol])\.[^\.]*\.[^\.]*$/)
+ {
+ my $sotmp = $1;
+- s/^SHARED_LIBS_LINK_EXTS=.*/SHARED_LIBS_LINK_EXTS=.s$sotmp.\$(SHLIB_MAJOR) .s$sotmp/;
++# s/^SHARED_LIBS_LINK_EXTS=.*/SHARED_LIBS_LINK_EXTS=.s$sotmp.\$(SHLIB_MAJOR) .s$sotmp/;
++ s/^SHARED_LIBS_LINK_EXTS=.*/SHARED_LIBS_LINK_EXTS=.s$sotmp/;
+ }
+ elsif ($shared_extension ne "" && $shared_extension =~ /^\.[^\.]*\.[^\.]*\.dylib$/)
+ {
+--- openssl097-0.9.7g.orig/crypto/asn1/charmap.pl
++++ openssl097-0.9.7g/crypto/asn1/charmap.pl
+@@ -1,4 +1,4 @@
+-#!/usr/local/bin/perl -w
++#!/usr/local/bin/perl
+
+ use strict;
+
+--- openssl097-0.9.7g.orig/crypto/bn/asm/ppc.pl
++++ openssl097-0.9.7g/crypto/bn/asm/ppc.pl
+@@ -1,4 +1,4 @@
+-#!/usr/bin/env perl
++#!/usr/local/bin/perl
+ #
+ # Implemented as a Perl wrapper as we want to support several different
+ # architectures with single file. We pick up the target based on the
+--- openssl097-0.9.7g.orig/crypto/md5/asm/md5-sparcv9.S
++++ openssl097-0.9.7g/crypto/md5/asm/md5-sparcv9.S
+@@ -74,14 +74,14 @@
+ #define Dval R8
+
+ #if defined(MD5_BLOCK_DATA_ORDER)
+-# if defined(OPENSSL_SYSNAME_ULTRASPARC)
++/*# if defined(OPENSSL_SYSNAME_ULTRASPARC)*/
+ # define LOAD lda
+ # define X(i) [%i1+i*4]%asi
+ # define md5_block md5_block_asm_data_order_aligned
+ # define ASI_PRIMARY_LITTLE 0x88
+-# else
++/*# else
+ # error "MD5_BLOCK_DATA_ORDER is supported only on UltraSPARC!"
+-# endif
++# endif*/
+ #else
+ # define LOAD ld
+ # define X(i) [%i1+i*4]
+--- openssl097-0.9.7g.orig/crypto/opensslconf.h
++++ openssl097-0.9.7g/crypto/opensslconf.h
+@@ -4,17 +4,38 @@
+ /* OpenSSL was configured with the following options: */
+ #ifndef OPENSSL_DOING_MAKEDEPEND
+
++#ifndef OPENSSL_NO_IDEA
++# define OPENSSL_NO_IDEA
++#endif
++#ifndef OPENSSL_NO_MDC2
++# define OPENSSL_NO_MDC2
++#endif
++#ifndef OPENSSL_NO_RC5
++# define OPENSSL_NO_RC5
++#endif
+ #ifndef OPENSSL_NO_KRB5
+ # define OPENSSL_NO_KRB5
+ #endif
+
+ #endif /* OPENSSL_DOING_MAKEDEPEND */
++#ifndef OPENSSL_THREADS
++# define OPENSSL_THREADS
++#endif
+
+ /* The OPENSSL_NO_* macros are also defined as NO_* if the application
+ asks for it. This is a transient feature that is provided for those
+ who haven't had the time to do the appropriate changes in their
+ applications. */
+ #ifdef OPENSSL_ALGORITHM_DEFINES
++# if defined(OPENSSL_NO_IDEA) && !defined(NO_IDEA)
++# define NO_IDEA
++# endif
++# if defined(OPENSSL_NO_MDC2) && !defined(NO_MDC2)
++# define NO_MDC2
++# endif
++# if defined(OPENSSL_NO_RC5) && !defined(NO_RC5)
++# define NO_RC5
++# endif
+ # if defined(OPENSSL_NO_KRB5) && !defined(NO_KRB5)
+ # define NO_KRB5
+ # endif
+@@ -27,7 +48,7 @@
+
+ #if !(defined(VMS) || defined(__VMS)) /* VMS uses logical names instead */
+ #if defined(HEADER_CRYPTLIB_H) && !defined(OPENSSLDIR)
+-#define OPENSSLDIR "/usr/local/ssl"
++#define OPENSSLDIR "/usr/lib/ssl"
+ #endif
+ #endif
+
+@@ -79,7 +100,7 @@
+
+ #if defined(HEADER_BN_H) && !defined(CONFIG_HEADER_BN_H)
+ #define CONFIG_HEADER_BN_H
+-#undef BN_LLONG
++#define BN_LLONG
+
+ /* Should we define BN_DIV2W here? */
+
+@@ -98,7 +119,7 @@
+ #define CONFIG_HEADER_RC4_LOCL_H
+ /* if this is defined data[i] is used instead of *data, this is a %20
+ * speedup on x86 */
+-#undef RC4_INDEX
++#define RC4_INDEX
+ #endif
+
+ #if defined(HEADER_BF_LOCL_H) && !defined(CONFIG_HEADER_BF_LOCL_H)
+@@ -112,14 +133,14 @@
+ /* the following is tweaked from a config script, that is why it is a
+ * protected undef/define */
+ #ifndef DES_PTR
+-#undef DES_PTR
++#define DES_PTR
+ #endif
+
+ /* This helps C compiler generate the correct code for multiple functional
+ * units. It reduces register dependancies at the expense of 2 more
+ * registers */
+ #ifndef DES_RISC1
+-#undef DES_RISC1
++#define DES_RISC1
+ #endif
+
+ #ifndef DES_RISC2
+@@ -133,7 +154,7 @@
+ /* Unroll the inner loop, this sometimes helps, sometimes hinders.
+ * Very mucy CPU dependant */
+ #ifndef DES_UNROLL
+-#undef DES_UNROLL
++#define DES_UNROLL
+ #endif
+
+ /* These default values were supplied by
+--- openssl097-0.9.7g.orig/crypto/pkcs7/pk7_mime.c
++++ openssl097-0.9.7g/crypto/pkcs7/pk7_mime.c
+@@ -277,9 +277,9 @@
+
+ if(strcmp(hdr->value, "application/x-pkcs7-signature") &&
+ strcmp(hdr->value, "application/pkcs7-signature")) {
+- sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
+ PKCS7err(PKCS7_F_SMIME_READ_PKCS7,PKCS7_R_SIG_INVALID_MIME_TYPE);
+ ERR_add_error_data(2, "type: ", hdr->value);
++ sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
+ sk_BIO_pop_free(parts, BIO_vfree);
+ return NULL;
+ }
+--- openssl097-0.9.7g.orig/crypto/rc4/asm/rc4-amd64.pl
++++ openssl097-0.9.7g/crypto/rc4/asm/rc4-amd64.pl
+@@ -1,4 +1,4 @@
+-#!/usr/bin/env perl
++#!/usr/local/bin/perl
+ #
+ # ====================================================================
+ # Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
+--- openssl097-0.9.7g.orig/crypto/rc4/rc4_enc.c
++++ openssl097-0.9.7g/crypto/rc4/rc4_enc.c
+@@ -77,10 +77,6 @@
+ x=key->x;
+ y=key->y;
+ d=key->data;
+-#if defined(__ia64) || defined(__ia64__) || defined(_M_IA64)
+- /* see crypto/rc4/asm/rc4-ia64.S for further details... */
+- d=(RC4_INT *)(((size_t)(d+255))&~(sizeof(key->data)-1));
+-#endif
+
+ #if defined(RC4_CHUNK)
+ /*
+--- openssl097-0.9.7g.orig/crypto/rc4/rc4.h
++++ openssl097-0.9.7g/crypto/rc4/rc4.h
+@@ -73,10 +73,6 @@
+ {
+ RC4_INT x,y;
+ RC4_INT data[256];
+-#if defined(__ia64) || defined(__ia64__) || defined(_M_IA64)
+- /* see crypto/rc4/asm/rc4-ia64.S for further details... */
+- RC4_INT pad[512-256-2];
+-#endif
+ } RC4_KEY;
+
+
+--- openssl097-0.9.7g.orig/crypto/rc4/rc4_skey.c
++++ openssl097-0.9.7g/crypto/rc4/rc4_skey.c
+@@ -94,10 +94,6 @@
+ unsigned int i;
+
+ d= &(key->data[0]);
+-#if defined(__ia64) || defined(__ia64__) || defined(_M_IA64)
+- /* see crypto/rc4/asm/rc4-ia64.S for further details... */
+- d=(RC4_INT *)(((size_t)(d+255))&~(sizeof(key->data)-1));
+-#endif
+
+ for (i=0; i<256; i++)
+ d[i]=i;
+--- openssl097-0.9.7g.orig/crypto/sha/asm/sha1-ia64.pl
++++ openssl097-0.9.7g/crypto/sha/asm/sha1-ia64.pl
+@@ -1,4 +1,4 @@
+-#!/usr/bin/env perl
++#!/usr/local/bin/perl
+ #
+ # ====================================================================
+ # Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
+--- openssl097-0.9.7g.orig/demos/tunala/configure.in
++++ openssl097-0.9.7g/demos/tunala/configure.in
+@@ -1,4 +1,4 @@
+-dnl Process this file with autoconf to produce a configure script.
++#!/usr/local/bin/perl
+ AC_INIT(tunala.c)
+ AM_CONFIG_HEADER(config.h)
+ AM_INIT_AUTOMAKE(tunala, 0.0.1-dev)
+--- openssl097-0.9.7g.orig/doc/apps/CA.pl.pod
++++ openssl097-0.9.7g/doc/apps/CA.pl.pod
+@@ -47,7 +47,7 @@
+ creates a new certificate request. The private key and request are
+ written to the file "newreq.pem".
+
+-=item B<-newreq-nowdes>
++=item B<-newreq-nodes>
+
+ is like B<-newreq> except that the private key will not be encrypted.
+
+--- openssl097-0.9.7g.orig/doc/Makefile
++++ openssl097-0.9.7g/doc/Makefile
+@@ -0,0 +1,40 @@
++VERSION =
++
++#PODS = $(wildcard *.pod)
++#MANS = $(addsuffix .man, $(basename $(PODS)))
++
++MANS = openssl.1 ssl.3 crypto.3
++
++P2M = pod2man --center='OpenSSL Documentation' --release="OpenSSL $(VERSION)"
++
++all: manpages
++
++.PHONY: manpages
++
++manpages: openssl.1 crypto.3 ssl.3
++
++openssl.1:
++ $(P2M) --section=1 openssl.pod > openssl.1
++
++crypto.3:
++ $(P2M) --section=3 crypto.pod > crypto.3
++
++ssl.3:
++ $(P2M) --section=3 ssl.pod > ssl.3
++
++.PHONY: install
++install:
++ mkdir -p $(INSTALL_PREFIX)$(INSTALLTOP)/share/man/man1
++ mkdir -p $(INSTALL_PREFIX)$(INSTALLTOP)/share/man/man3
++ install -m 644 -p openssl.1 $(INSTALL_PREFIX)$(INSTALLTOP)/share/man/man1
++ install -m 644 -p crypto.3 $(INSTALL_PREFIX)$(INSTALLTOP)/share/man/man3
++ install -m 644 -p ssl.3 $(INSTALL_PREFIX)$(INSTALLTOP)/share/man/man3
++ rm -f $(MANS)
++
++.PHONY: clean
++clean:
++ rm -f $(MANS)
++
++.PHONY: realclean
++realclean:
++ -$(MAKE) clean
+--- openssl097-0.9.7g.orig/Makefile
++++ openssl097-0.9.7g/Makefile
+@@ -11,11 +11,11 @@
+ SHLIB_VERSION_HISTORY=
+ SHLIB_MAJOR=0
+ SHLIB_MINOR=9.7
+-SHLIB_EXT=
+-PLATFORM=dist
+-OPTIONS= no-krb5
+-CONFIGURE_ARGS=dist
+-SHLIB_TARGET=
++SHLIB_EXT=.so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
++PLATFORM=debian-i386
++OPTIONS=--prefix=/usr --openssldir=/usr/lib/ssl no-idea no-mdc2 no-rc5 zlib-dynamic debug no-krb5
++CONFIGURE_ARGS=--prefix=/usr --openssldir=/usr/lib/ssl no-idea no-mdc2 no-rc5 zlib-dynamic debug debian-i386
++SHLIB_TARGET=linux-shared
+
+ # HERE indicates where this Makefile lives. This can be used to indicate
+ # where sub-Makefiles are expected to be. Currently has very limited usage,
+@@ -26,10 +26,10 @@
+ # for, say, /usr/ and yet have everything installed to /tmp/somedir/usr/.
+ # Normally it is left empty.
+ INSTALL_PREFIX=
+-INSTALLTOP=/usr/local/ssl
++INSTALLTOP=/usr
+
+ # Do not edit this manually. Use Configure --openssldir=DIR do change this!
+-OPENSSLDIR=/usr/local/ssl
++OPENSSLDIR=/usr/lib/ssl
+
+ # NO_IDEA - Define to build without the IDEA algorithm
+ # NO_RC4 - Define to build without the RC4 algorithm
+@@ -59,12 +59,13 @@
+ # equal 4.
+ # PKCS1_CHECK - pkcs1 tests.
+
+-CC= cc
++#TOP=$(shell pwd)
++CC= gcc
+ #CFLAG= -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall -Wuninitialized -DSHA1_ASM -DMD5_ASM -DRMD160_ASM
+-CFLAG= -DOPENSSL_NO_KRB5 -O
+-DEPFLAG=
++CFLAG= -DZLIB_SHARED -DZLIB -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -DOPENSSL_NO_KRB5 -DOPENSSL_NO_IDEA -DOPENSSL_NO_MDC2 -DOPENSSL_NO_RC5 -DL_ENDIAN -DTERMIO -O3 -Wall -g
++DEPFLAG= -DOPENSSL_NO_IDEA -DOPENSSL_NO_MDC2 -DOPENSSL_NO_RC5
+ PEX_LIBS=
+-EX_LIBS=
++EX_LIBS= -ldl
+ EXE_EXT=
+ ARFLAGS=
+ AR=ar $(ARFLAGS) r
+@@ -72,7 +73,7 @@
+ PERL= /usr/bin/perl
+ TAR= tar
+ TARFLAGS= --no-recursion
+-MAKEDEPPROG=makedepend
++MAKEDEPPROG= gcc
+
+ # We let the C compiler driver to take care of .s files. This is done in
+ # order to be excused from maintaining a separate set of architecture
+@@ -177,13 +178,13 @@
+ # we might set SHLIB_MARK to '$(SHARED_LIBS)'.
+ SHLIB_MARK=
+
+-DIRS= crypto fips ssl $(SHLIB_MARK) sigs apps test tools
++DIRS= crypto fips ssl $(SHLIB_MARK) sigs apps doc tools
+ SHLIBDIRS= crypto ssl
+
+ # dirs in crypto to build
+ SDIRS= objects \
+- md2 md4 md5 sha mdc2 hmac ripemd \
+- des rc2 rc4 rc5 idea bf cast \
++ md2 md4 md5 sha hmac ripemd \
++ des rc2 rc4 bf cast \
+ bn ec rsa dsa dh dso engine aes \
+ buffer bio stack lhash rand err \
+ evp asn1 pem x509 x509v3 conf txt_db pkcs7 pkcs12 comp ocsp ui krb5
+@@ -196,10 +197,10 @@
+
+ MAKEFILE= Makefile
+
+-MANDIR=$(OPENSSLDIR)/man
++MANDIR=/usr/share/man
+ MAN1=1
+ MAN3=3
+-MANSUFFIX=
++MANSUFFIX=ssl
+ SHELL=/bin/sh
+
+ TOP= .
+@@ -211,7 +212,7 @@
+ SHARED_CRYPTO=libcrypto$(SHLIB_EXT)
+ SHARED_SSL=libssl$(SHLIB_EXT)
+ SHARED_LIBS=
+-SHARED_LIBS_LINK_EXTS=
++SHARED_LIBS_LINK_EXTS=.so
+ SHARED_LDFLAGS=
+
+ GENERAL= Makefile
+@@ -826,7 +827,7 @@
+ do \
+ if [ -f "$$i" ]; then \
+ ( echo installing $$i; \
+- cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new; \
++ cp -d $$i $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new; \
+ if egrep 'define OPENSSL_FIPS' $(TOP)/include/openssl/opensslconf.h > /dev/null; then \
+ : ; \
+ else \
+--- openssl097-0.9.7g.orig/Makefile.org
++++ openssl097-0.9.7g/Makefile.org
+@@ -57,6 +57,7 @@
+ # equal 4.
+ # PKCS1_CHECK - pkcs1 tests.
+
++#TOP=$(shell pwd)
+ CC= gcc
+ #CFLAG= -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall -Wuninitialized -DSHA1_ASM -DMD5_ASM -DRMD160_ASM
+ CFLAG= -DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall -DSHA1_ASM -DMD5_ASM -DRMD160_ASM
+@@ -175,7 +176,7 @@
+ # we might set SHLIB_MARK to '$(SHARED_LIBS)'.
+ SHLIB_MARK=
+
+-DIRS= crypto fips ssl $(SHLIB_MARK) sigs apps test tools
++DIRS= crypto fips ssl $(SHLIB_MARK) sigs apps doc tools
+ SHLIBDIRS= crypto ssl
+
+ # dirs in crypto to build
+@@ -194,10 +195,10 @@
+
+ MAKEFILE= Makefile
+
+-MANDIR=$(OPENSSLDIR)/man
++MANDIR=/usr/share/man
+ MAN1=1
+ MAN3=3
+-MANSUFFIX=
++MANSUFFIX=ssl
+ SHELL=/bin/sh
+
+ TOP= .
+@@ -824,7 +825,7 @@
+ do \
+ if [ -f "$$i" ]; then \
+ ( echo installing $$i; \
+- cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new; \
++ cp -d $$i $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new; \
+ if egrep 'define OPENSSL_FIPS' $(TOP)/include/openssl/opensslconf.h > /dev/null; then \
+ : ; \
+ else \
+--- openssl097-0.9.7g.orig/os2/backwardify.pl
++++ openssl097-0.9.7g/os2/backwardify.pl
+@@ -1,4 +1,4 @@
+-#!/usr/bin/perl -w
++#!/usr/local/bin/perl
+ use strict;
+
+ # Use as $0
+--- openssl097-0.9.7g.orig/ssl/s23_srvr.c
++++ openssl097-0.9.7g/ssl/s23_srvr.c
+@@ -528,9 +528,7 @@
+ }
+
+ s->state=SSL2_ST_GET_CLIENT_HELLO_A;
+- if ((s->options & SSL_OP_MSIE_SSLV2_RSA_PADDING) ||
+- use_sslv2_strong ||
+- (s->options & SSL_OP_NO_TLSv1 && s->options & SSL_OP_NO_SSLv3))
++ if (s->options & SSL_OP_NO_TLSv1 && s->options & SSL_OP_NO_SSLv3)
+ s->s2->ssl2_rollback=0;
+ else
+ /* reject SSL 2.0 session if client supports SSL 3.0 or TLS 1.0
+--- openssl097-0.9.7g.orig/ssl/ssl_algs.c
++++ openssl097-0.9.7g/ssl/ssl_algs.c
+@@ -109,3 +109,8 @@
+ return(1);
+ }
+
++#undef SSLeay_add_ssl_algorithms
++int SSLeay_add_ssl_algorithms(void)
++ {
++ return SSL_library_init();
++ }
+--- openssl097-0.9.7g.orig/tools/c_rehash
++++ openssl097-0.9.7g/tools/c_rehash
+@@ -6,7 +6,7 @@
+
+ my $openssl;
+
+-my $dir = "/usr/local/ssl";
++my $dir = "/usr/lib/ssl";
+
+ if(defined $ENV{OPENSSL}) {
+ $openssl = $ENV{OPENSSL};
+--- openssl097-0.9.7g.orig/tools/c_rehash.in
++++ openssl097-0.9.7g/tools/c_rehash.in
+@@ -1,4 +1,4 @@
+-#!/usr/local/bin/perl
++#!/usr/bin/perl
+
+
+ # Perl c_rehash script, scan all files in a directory
+--- openssl097-0.9.7g.orig/util/clean-depend.pl
++++ openssl097-0.9.7g/util/clean-depend.pl
+@@ -1,4 +1,4 @@
+-#!/usr/local/bin/perl -w
++#!/usr/local/bin/perl
+ # Clean the dependency list in a makefile of standard includes...
+ # Written by Ben Laurie <ben@algroup.co.uk> 19 Jan 1999
+
+--- openssl097-0.9.7g.orig/util/extract-names.pl
++++ openssl097-0.9.7g/util/extract-names.pl
+@@ -1,4 +1,4 @@
+-#!/usr/bin/perl
++#!/usr/local/bin/perl
+
+ $/ = ""; # Eat a paragraph at once.
+ while(<STDIN>) {
+--- openssl097-0.9.7g.orig/util/mkdef.pl
++++ openssl097-0.9.7g/util/mkdef.pl
+@@ -1,4 +1,4 @@
+-#!/usr/local/bin/perl -w
++#!/usr/local/bin/perl
+ #
+ # generate a .def file
+ #
+--- openssl097-0.9.7g.orig/util/mkerr.pl
++++ openssl097-0.9.7g/util/mkerr.pl
+@@ -1,4 +1,4 @@
+-#!/usr/local/bin/perl -w
++#!/usr/local/bin/perl
+
+ my $config = "crypto/err/openssl.ec";
+ my $debug = 0;
+--- openssl097-0.9.7g.orig/util/mkstack.pl
++++ openssl097-0.9.7g/util/mkstack.pl
+@@ -1,4 +1,4 @@
+-#!/usr/local/bin/perl -w
++#!/usr/local/bin/perl
+
+ # This is a utility that searches out "DECLARE_STACK_OF()"
+ # declarations in .h and .c files, and updates/creates/replaces
+--- openssl097-0.9.7g.orig/util/pod2man.pl
++++ openssl097-0.9.7g/util/pod2man.pl
+@@ -1,4 +1,4 @@
+-: #!/usr/bin/perl-5.005
++#!/usr/local/bin/perl
+ eval 'exec /usr/bin/perl -S $0 ${1+"$@"}'
+ if $running_under_some_shell;
+
+--- openssl097-0.9.7g.orig/util/selftest.pl
++++ openssl097-0.9.7g/util/selftest.pl
+@@ -1,4 +1,4 @@
+-#!/usr/local/bin/perl -w
++#!/usr/local/bin/perl
+ #
+ # Run the test suite and generate a report
+ #
+--- openssl097-0.9.7g.orig/VMS/VMSify-conf.pl
++++ openssl097-0.9.7g/VMS/VMSify-conf.pl
+@@ -1,4 +1,4 @@
+-#! /usr/bin/perl
++#!/usr/local/bin/perl
+
+ use strict;
+ use warnings;
+--- openssl097-0.9.7g.orig/debian/po/sv.po
++++ openssl097-0.9.7g/debian/po/sv.po
+@@ -0,0 +1,61 @@
++# Translators, if you are not familiar with the PO format, gettext
++# documentation is worth reading, especially sections dedicated to
++# this format, e.g. by running:
++# info -n '(gettext)PO Files'
++# info -n '(gettext)Header Entry'
++# Some information specific to po-debconf are available at
++# /usr/share/doc/po-debconf/README-trans
++# or http://www.debian.org/intl/l10n/po-debconf/README-trans
++# Developers do not need to manually edit POT or PO files.
++# , fuzzy
++#
++#
++msgid ""
++msgstr ""
++"Project-Id-Version: openssl 0.9.7g-2\n"
++"Report-Msgid-Bugs-To: \n"
++"POT-Creation-Date: 2004-03-22 18:34+0100\n"
++"PO-Revision-Date: 2005-09-28 19:22-0700\n"
++"Last-Translator: Daniel Nylander <po@danielnylander.se>\n"
++"Language-Team: Swedish <sv@li.org>\n"
++"MIME-Version: 1.0\n"
++"Content-Type: text/plain; charset=iso-8859-1\n"
++"Content-Transfer-Encoding: 8bit"
++
++#. Type: string
++#. Description
++#: ../libssl0.9.7.templates:3
++msgid "Which services should be restarted to make them use the new libraries?"
++msgstr "Vilka tjnster ska startas om fr att f dom att anvnda de nya biblioteken?"
++
++#. Type: string
++#. Description
++#: ../libssl0.9.7.templates:3
++msgid ""
++"Security holes were fixed with this release. Services may not use these "
++"fixes until they are restarted. Note: restarting sshd should not affect any "
++"existing connections."
++msgstr ""
++"Skerhetshlen fixades i denna versionen. Tjnster kommer inte att anvnda denna version frrn de har startats om. Notera: startar du om sshd kommer inte fixen aktiveras fr redan etablerade anslutningar."
++
++#. Type: string
++#. Description
++#: ../libssl0.9.7.templates:3
++msgid ""
++"Following is a list of detected services that need to be restarted. Please "
++"correct the list, if you think it is incorrect. The services names must be "
++"identical to the script names in /etc/init.d and must be separated by "
++"spaces. If you clear the list, no services will be restarted."
++msgstr ""
++"Fljande r en lista p upptcka tjnster som behver startas om. Vnligen undersk listan och du tror den r felaktig. Namnen p tjnsterna mste vara identiska som skriptnamnen i /etc/init.d och mste separeras med mellanslag. Om du rensar listan kommer inga tjnster att startas om."
++
++#. Type: string
++#. Description
++#: ../libssl0.9.7.templates:3
++msgid ""
++"If other services begin to fail mysteriously after this upgrade, it may be "
++"necessary to restart them too. We strongly recommend you to reboot your "
++"machine to avoid the SSL related trouble."
++msgstr ""
++"Om andra tjnster brjar att f underliga problem efter denna uppgradering kanske de mste startas om ocks. Vi rekommenderar att du startar om din maskin fr att inte f SSL-relaterade problem."
++
+--- openssl097-0.9.7g.orig/debian/po/templates.pot
++++ openssl097-0.9.7g/debian/po/templates.pot
+@@ -0,0 +1,59 @@
++#
++# Translators, if you are not familiar with the PO format, gettext
++# documentation is worth reading, especially sections dedicated to
++# this format, e.g. by running:
++# info -n '(gettext)PO Files'
++# info -n '(gettext)Header Entry'
++#
++# Some information specific to po-debconf are available at
++# /usr/share/doc/po-debconf/README-trans
++# or http://www.debian.org/intl/l10n/po-debconf/README-trans
++#
++# Developers do not need to manually edit POT or PO files.
++#
++#, fuzzy
++msgid ""
++msgstr ""
++"Project-Id-Version: PACKAGE VERSION\n"
++"Report-Msgid-Bugs-To: \n"
++"POT-Creation-Date: 2004-03-22 18:34+0100\n"
++"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
++"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
++"Language-Team: LANGUAGE <LL@li.org>\n"
++"MIME-Version: 1.0\n"
++"Content-Type: text/plain; charset=CHARSET\n"
++"Content-Transfer-Encoding: 8bit\n"
++
++#. Type: string
++#. Description
++#: ../libssl0.9.7.templates:3
++msgid "Which services should be restarted to make them use the new libraries?"
++msgstr ""
++
++#. Type: string
++#. Description
++#: ../libssl0.9.7.templates:3
++msgid ""
++"Security holes were fixed with this release. Services may not use these "
++"fixes until they are restarted. Note: restarting sshd should not affect any "
++"existing connections."
++msgstr ""
++
++#. Type: string
++#. Description
++#: ../libssl0.9.7.templates:3
++msgid ""
++"Following is a list of detected services that need to be restarted. Please "
++"correct the list, if you think it is incorrect. The services names must be "
++"identical to the script names in /etc/init.d and must be separated by "
++"spaces. If you clear the list, no services will be restarted."
++msgstr ""
++
++#. Type: string
++#. Description
++#: ../libssl0.9.7.templates:3
++msgid ""
++"If other services begin to fail mysteriously after this upgrade, it may be "
++"necessary to restart them too. We strongly recommend you to reboot your "
++"machine to avoid the SSL related trouble."
++msgstr ""
+--- openssl097-0.9.7g.orig/debian/po/ca.po
++++ openssl097-0.9.7g/debian/po/ca.po
+@@ -0,0 +1,59 @@
++# openssl (debconf) translation to Catalan.
++# Copyright (C) 2004 Free Software Foundation, Inc.
++# Aleix Badia i Bosch <abadia@ica.es>, 2004
++msgid ""
++msgstr ""
++"Project-Id-Version: openssl_0.9.7d-1_templates\n"
++"Report-Msgid-Bugs-To: \n"
++"POT-Creation-Date: 2004-03-22 18:34+0100\n"
++"PO-Revision-Date: 2004-04-08 19:46GMT\n"
++"Last-Translator: Aleix Badia i Bosch <abadia@ica.es>\n"
++"Language-Team: Catalan <debian-l10n-catalan@lists.debian.org>\n"
++"MIME-Version: 1.0\n"
++"Content-Type: text/plain; charset=UTF-8\n"
++"Content-Transfer-Encoding: 8bit\n"
++
++#. Type: string
++#. Description
++#: ../libssl0.9.7.templates:3
++msgid "Which services should be restarted to make them use the new libraries?"
++msgstr ""
++"Quina serveis s'han de reiniciar perquè utilitzin les noves biblioteques?"
++
++#. Type: string
++#. Description
++#: ../libssl0.9.7.templates:3
++msgid ""
++"Security holes were fixed with this release. Services may not use these "
++"fixes until they are restarted. Note: restarting sshd should not affect any "
++"existing connections."
++msgstr ""
++"Aquesta versió resol els errors de seguretat. Els serveis no utilitzaran les "
++"correccions fins que no s'hagin reiniciat. Nota: reiniciant l'sshd no "
++"s'afectarà cap connexió existent."
++
++#. Type: string
++#. Description
++#: ../libssl0.9.7.templates:3
++msgid ""
++"Following is a list of detected services that need to be restarted. Please "
++"correct the list, if you think it is incorrect. The services names must be "
++"identical to the script names in /etc/init.d and must be separated by "
++"spaces. If you clear the list, no services will be restarted."
++msgstr ""
++"És una llista de serveis que s'ha detectat que s'haurien de reiniciar, "
++"corregiu-la si és incorrecta. El nom dels serveis hauria de ser idèntic als "
++"noms de les seqüències del directori /etc/init.d i haurien d'estar separats "
++"per espais. Si suprimiu la llista no es reiniciarà cap servei."
++
++#. Type: string
++#. Description
++#: ../libssl0.9.7.templates:3
++msgid ""
++"If other services begin to fail mysteriously after this upgrade, it may be "
++"necessary to restart them too. We strongly recommend you to reboot your "
++"machine to avoid the SSL related trouble."
++msgstr ""
++"Si després de l'actualització d'altres serveis fallen de forma inexplicable, "
++"probablement també sigui necessari reiniciar-los. Us recomanem que per "
++"evitar els problemes relacionats amb l'SSL reinicieu l'ordinador."
+--- openssl097-0.9.7g.orig/debian/po/da.po
++++ openssl097-0.9.7g/debian/po/da.po
+@@ -0,0 +1,70 @@
++# translation of openssl_0.9.7d-1_templates.po to Danish
++#
++# Translators, if you are not familiar with the PO format, gettext
++# documentation is worth reading, especially sections dedicated to
++# this format, e.g. by running:
++# info -n '(gettext)PO Files'
++# info -n '(gettext)Header Entry'
++# Some information specific to po-debconf are available at
++# /usr/share/doc/po-debconf/README-trans
++# or http://www.debian.org/intl/l10n/po-debconf/README-trans#
++# Developers do not need to manually edit POT or PO files.
++# Claus Hindsgaul <claus_h@image.dk>, 2004.
++#
++msgid ""
++msgstr ""
++"Project-Id-Version: openssl_0.9.7d-1_templates\n"
++"Report-Msgid-Bugs-To: \n"
++"POT-Creation-Date: 2004-03-22 18:34+0100\n"
++"PO-Revision-Date: 2004-04-02 16:08+0200\n"
++"Last-Translator: Claus Hindsgaul <claus_h@image.dk>\n"
++"Language-Team: Danish <dansk@klid.dk>\n"
++"MIME-Version: 1.0\n"
++"Content-Type: text/plain; charset=ISO-8859-1\n"
++"Content-Transfer-Encoding: 8bit\n"
++"X-Generator: KBabel 1.3.1\n"
++"Plural-Forms: nplurals=2; plural=(n != 1);\n"
++
++#. Type: string
++#. Description
++#: ../libssl0.9.7.templates:3
++msgid "Which services should be restarted to make them use the new libraries?"
++msgstr "Hvilke services skal genstartes, s de benytter de nye biblioteker?"
++
++#. Type: string
++#. Description
++#: ../libssl0.9.7.templates:3
++msgid ""
++"Security holes were fixed with this release. Services may not use these "
++"fixes until they are restarted. Note: restarting sshd should not affect any "
++"existing connections."
++msgstr ""
++"Der lukket nogle sikkerhedshuller i denne version af openssl. Disse huller "
++"bliver ikke lukket i dine services fr de er blevet genstartet. Bemrk at "
++"det ikke vil pvirke eksisterende forbindelser at genstarte ssh."
++
++#. Type: string
++#. Description
++#: ../libssl0.9.7.templates:3
++msgid ""
++"Following is a list of detected services that need to be restarted. Please "
++"correct the list, if you think it is incorrect. The services names must be "
++"identical to the script names in /etc/init.d and must be separated by "
++"spaces. If you clear the list, no services will be restarted."
++msgstr ""
++"Herunder ser du en liste over fundne services, som br genstartes. Ret "
++"listen, hvis du mener at den ikke er korrekt. Servicenavnene skal vre "
++"identiske med skriptnavnene i /etc/init.d, og skal adskilles med mellemrum. "
++"Hvis du sletter listen, vil ingen services blive genstartet."
++
++#. Type: string
++#. Description
++#: ../libssl0.9.7.templates:3
++msgid ""
++"If other services begin to fail mysteriously after this upgrade, it may be "
++"necessary to restart them too. We strongly recommend you to reboot your "
++"machine to avoid the SSL related trouble."
++msgstr ""
++"Hvis andre services begynder at fejle p mystisk vis efter denne "
++"opgradering, kan det vre ndvendigt ogs at genstarte disse. Vi anbefaler "
++"dig kraftigt at genstarte din maskine for at undg SSL-relaterede problemer."
+--- openssl097-0.9.7g.orig/debian/po/cs.po
++++ openssl097-0.9.7g/debian/po/cs.po
+@@ -0,0 +1,68 @@
++#
++# Translators, if you are not familiar with the PO format, gettext
++# documentation is worth reading, especially sections dedicated to
++# this format, e.g. by running:
++# info -n '(gettext)PO Files'
++# info -n '(gettext)Header Entry'
++#
++# Some information specific to po-debconf are available at
++# /usr/share/doc/po-debconf/README-trans
++# or http://www.debian.org/intl/l10n/po-debconf/README-trans
++#
++# Developers do not need to manually edit POT or PO files.
++#
++msgid ""
++msgstr ""
++"Project-Id-Version: openssl\n"
++"Report-Msgid-Bugs-To: \n"
++"POT-Creation-Date: 2004-03-22 18:34+0100\n"
++"PO-Revision-Date: 2004-09-26 17:40+0200\n"
++"Last-Translator: Miroslav Kure <kurem@debian.cz>\n"
++"Language-Team: Czech <provoz@debian.cz>\n"
++"MIME-Version: 1.0\n"
++"Content-Type: text/plain; charset=ISO-8859-2\n"
++"Content-Transfer-Encoding: 8bit\n"
++
++#. Type: string
++#. Description
++#: ../libssl0.9.7.templates:3
++msgid "Which services should be restarted to make them use the new libraries?"
++msgstr "Kter sluby se maj restartovat, aby zaaly vyuvat nov knihovny?"
++
++#. Type: string
++#. Description
++#: ../libssl0.9.7.templates:3
++msgid ""
++"Security holes were fixed with this release. Services may not use these "
++"fixes until they are restarted. Note: restarting sshd should not affect any "
++"existing connections."
++msgstr ""
++"V tto verzi balku byly opraveny bezbenostn chyby. Tyto opravy se v "
++"programech projev a po jejich restartu. Poznmka: restart sshd by neml "
++"ovlivnit stvajc spojen."
++
++#. Type: string
++#. Description
++#: ../libssl0.9.7.templates:3
++msgid ""
++"Following is a list of detected services that need to be restarted. Please "
++"correct the list, if you think it is incorrect. The services names must be "
++"identical to the script names in /etc/init.d and must be separated by "
++"spaces. If you clear the list, no services will be restarted."
++msgstr ""
++"Nsleduje seznam rozpoznanch slueb, kter je teba restartovat. Pokud se "
++"vm zd, e je tento seznam chybn, mete jej opravit. Nzvy slueb mus "
++"bt shodn s nzvy skript v adresi /etc/init.d a mus bt oddleny "
++"mezerami. Pokud seznam vymaete, nebude restartovna dn sluba."
++
++#. Type: string
++#. Description
++#: ../libssl0.9.7.templates:3
++msgid ""
++"If other services begin to fail mysteriously after this upgrade, it may be "
++"necessary to restart them too. We strongly recommend you to reboot your "
++"machine to avoid the SSL related trouble."
++msgstr ""
++"Jestlie po tto aktualizaci zanou selhvat nkter sluby, mon bude "
++"nutn je takt restartovat. Abyste se vyhnuli problmm spojench se SSL, "
++"doporuujeme restartovat cel pota."
+--- openssl097-0.9.7g.orig/debian/po/pt_BR.po
++++ openssl097-0.9.7g/debian/po/pt_BR.po
+@@ -0,0 +1,69 @@
++#
++# Translators, if you are not familiar with the PO format, gettext
++# documentation is worth reading, especially sections dedicated to
++# this format, e.g. by running:
++# info -n '(gettext)PO Files'
++# info -n '(gettext)Header Entry'
++#
++# Some information specific to po-debconf are available at
++# /usr/share/doc/po-debconf/README-trans
++# or http://www.debian.org/intl/l10n/po-debconf/README-trans
++#
++# Developers do not need to manually edit POT or PO files.
++#
++msgid ""
++msgstr ""
++"Project-Id-Version: openssl\n"
++"Report-Msgid-Bugs-To: \n"
++"POT-Creation-Date: 2004-03-22 18:34+0100\n"
++"PO-Revision-Date: 2004-04-04 15:21-0300\n"
++"Last-Translator: Andr Lus Lopes <andrelop@debian.org>\n"
++"Language-Team: Debian-BR Project <debian-l10n-portuguese@lists.debian.org>\n"
++"MIME-Version: 1.0\n"
++"Content-Type: text/plain; charset=ISO-8859-1\n"
++"Content-Transfer-Encoding: 8bit\n"
++
++#. Type: string
++#. Description
++#: ../libssl0.9.7.templates:3
++msgid "Which services should be restarted to make them use the new libraries?"
++msgstr "Quais servios devem ser reiniciados para utilizar novas bibliotecas ?"
++
++#. Type: string
++#. Description
++#: ../libssl0.9.7.templates:3
++msgid ""
++"Security holes were fixed with this release. Services may not use these "
++"fixes until they are restarted. Note: restarting sshd should not affect any "
++"existing connections."
++msgstr ""
++"Falhas de segurana foram corrigidas nesta verso. Alguns servios podem no "
++"utilizar estas correes at que sejam reiniciados. Note : reiniciar o sshd "
++"no afetar nenhuma conexo j estabelecida."
++
++#. Type: string
++#. Description
++#: ../libssl0.9.7.templates:3
++msgid ""
++"Following is a list of detected services that need to be restarted. Please "
++"correct the list, if you think it is incorrect. The services names must be "
++"identical to the script names in /etc/init.d and must be separated by "
++"spaces. If you clear the list, no services will be restarted."
++msgstr ""
++"A seguir ser exibida uma lista de servios que foram detectados e que "
++"precisam ser reiniciados. Por favor, corrija a lista caso voc tenha certeza "
++"que ela esteja incorreta. Os nomes dos servios devem ser idnticos aos "
++"nomes dos scripts sob o diretrio /etc/init.d e devem estar separados por "
++"espaos. Caso voc esvazie a lista, nenhum servio ser reiniciado."
++
++#. Type: string
++#. Description
++#: ../libssl0.9.7.templates:3
++msgid ""
++"If other services begin to fail mysteriously after this upgrade, it may be "
++"necessary to restart them too. We strongly recommend you to reboot your "
++"machine to avoid the SSL related trouble."
++msgstr ""
++"Caso outros servios comecem a falhar misteriosamente aps esta atualizao, "
++"pode ser necessrio reinici-los tambm. Recomendados fortemente que voc "
++"reinicie sua mquina para evitar problemas relacionados a SSL."
+--- openssl097-0.9.7g.orig/debian/po/es.po
++++ openssl097-0.9.7g/debian/po/es.po
+@@ -0,0 +1,85 @@
++# openssl translation to spanish
++# Copyright (C) 2004 Software in the Public Interest
++# This file is distributed under the same license as the openssl package.
++#
++# Changes:
++# - Initial translation
++# Lucas Wall <kthulhu@kadath.com.ar>, 2004
++#
++#
++# Traductores, si no conoce el formato PO, merece la pena leer la
++# documentacin de gettext, especialmente las secciones dedicadas a este
++# formato, por ejemplo ejecutando:
++# info -n '(gettext)PO Files'
++# info -n '(gettext)Header Entry'
++#
++# Equipo de traduccin al espaol, por favor lean antes de traducir
++# los siguientes documentos:
++#
++# - El proyecto de traduccin de Debian al espaol
++# http://www.debian.org/intl/spanish/coordinacion
++# especialmente las notas de traduccin en
++# http://www.debian.org/intl/spanish/notas
++#
++# - La gua de traduccin de po's de debconf:
++# /usr/share/doc/po-debconf/README-trans
++# o http://www.debian.org/intl/l10n/po-debconf/README-trans
++#
++msgid ""
++msgstr ""
++"Project-Id-Version: openssl 0.9.7d-3\n"
++"Report-Msgid-Bugs-To: \n"
++"POT-Creation-Date: 2004-03-22 18:34+0100\n"
++"PO-Revision-Date: 2004-06-12 15:23-0300\n"
++"Last-Translator: Lucas Wall <kthulhu@kadath.com.ar>\n"
++"Language-Team: Debian Spanish <debian-l10n-spanish@lists.debian.org>\n"
++"MIME-Version: 1.0\n"
++"Content-Type: text/plain; charset=ISO-8859-15\n"
++"Content-Transfer-Encoding: 8bit\n"
++
++#. Type: string
++#. Description
++#: ../libssl0.9.7.templates:3
++msgid "Which services should be restarted to make them use the new libraries?"
++msgstr ""
++"Qu servicios desea reiniciar para que utilicen las nuevas bibliotecas?"
++
++#. Type: string
++#. Description
++#: ../libssl0.9.7.templates:3
++msgid ""
++"Security holes were fixed with this release. Services may not use these "
++"fixes until they are restarted. Note: restarting sshd should not affect any "
++"existing connections."
++msgstr ""
++"En esta versin se han solucionado problemas de seguridad. Los servicios "
++"afectados no gozarn de los arreglos hasta que no se hayan reiniciado. Nota: "
++"reiniciar el servicio sshd no afectar ninguna de las conexiones "
++"existentes."
++
++#. Type: string
++#. Description
++#: ../libssl0.9.7.templates:3
++msgid ""
++"Following is a list of detected services that need to be restarted. Please "
++"correct the list, if you think it is incorrect. The services names must be "
++"identical to the script names in /etc/init.d and must be separated by "
++"spaces. If you clear the list, no services will be restarted."
++msgstr ""
++"Una lista de los servicios que deben ser reiniciados se presenta a "
++"continuacin. Si cree que no es correcta haga los ajustes necesarios. Los "
++"nombres de los servicios deben ser iguales a los nombres de los ficheros en "
++"/etc/init.d y debe estar separados por espacios. Ningn servicio ser "
++"reiniciado si deja la lista en blanco."
++
++#. Type: string
++#. Description
++#: ../libssl0.9.7.templates:3
++msgid ""
++"If other services begin to fail mysteriously after this upgrade, it may be "
++"necessary to restart them too. We strongly recommend you to reboot your "
++"machine to avoid the SSL related trouble."
++msgstr ""
++"Si, tras esta actualizacin, otros servicios comienzan a fallar en forma "
++"misteriosa puede ser necesario reiniciarlos tambin. Para evitar problemas "
++"relacionados con SSL se le recomienda reiniciar su sistema."
+--- openssl097-0.9.7g.orig/debian/po/fr.po
++++ openssl097-0.9.7g/debian/po/fr.po
+@@ -0,0 +1,69 @@
++#
++# Translators, if you are not familiar with the PO format, gettext
++# documentation is worth reading, especially sections dedicated to
++# this format, e.g. by running:
++# info -n '(gettext)PO Files'
++# info -n '(gettext)Header Entry'
++# Some information specific to po-debconf are available at
++# /usr/share/doc/po-debconf/README-trans
++# or http://www.debian.org/intl/l10n/po-debconf/README-trans#
++# Developers do not need to manually edit POT or PO files.
++#
++msgid ""
++msgstr ""
++"Project-Id-Version: openssl_0.9.7c-5\n"
++"Report-Msgid-Bugs-To: \n"
++"POT-Creation-Date: 2004-03-22 18:34+0100\n"
++"PO-Revision-Date: 2003-10-22 21:37+0200\n"
++"Last-Translator: Michel Grentzinger <mic.grentz@online.fr>\n"
++"Language-Team: French <debian-l10n-french@lists.debian.org>\n"
++"MIME-Version: 1.0\n"
++"Content-Type: text/plain; charset=ISO-8859-15\n"
++"Content-Transfer-Encoding: 8bit\n"
++
++#. Type: string
++#. Description
++#: ../libssl0.9.7.templates:3
++msgid "Which services should be restarted to make them use the new libraries?"
++msgstr "Services redmarrer afin d'utiliser les nouvelles bibliothques"
++
++#. Type: string
++#. Description
++#: ../libssl0.9.7.templates:3
++msgid ""
++"Security holes were fixed with this release. Services may not use these "
++"fixes until they are restarted. Note: restarting sshd should not affect any "
++"existing connections."
++msgstr ""
++"Des failles de scurit on t corriges dans cette version. Les services ne "
++"devraient pas utiliser ces correctifs tant qu'ils n'auront pas t "
++"redmarrs. Note: le redmarrage de sshd n'affectera aucune connexion "
++"existante."
++
++#. Type: string
++#. Description
++#: ../libssl0.9.7.templates:3
++msgid ""
++"Following is a list of detected services that need to be restarted. Please "
++"correct the list, if you think it is incorrect. The services names must be "
++"identical to the script names in /etc/init.d and must be separated by "
++"spaces. If you clear the list, no services will be restarted."
++msgstr ""
++"La liste suivante recense tous les services devant tre redmarrs. Veuillez "
++"corriger la liste si vous pensez qu'elle contient des erreurs. Les noms des "
++"services doivent tre identiques aux noms des scripts prsents dans /etc/"
++"init.d et doivent tre spars par des espaces. Si vous effacez la liste, "
++"aucun service ne sera redmarr."
++
++#. Type: string
++#. Description
++#: ../libssl0.9.7.templates:3
++msgid ""
++"If other services begin to fail mysteriously after this upgrade, it may be "
++"necessary to restart them too. We strongly recommend you to reboot your "
++"machine to avoid the SSL related trouble."
++msgstr ""
++"Si d'autres services ne fonctionnent plus correctement aprs cette mise "
++"jour, il est sans doute ncessaire de les redmarrer de la mme faon. Il "
++"est fortement recommand de redmarrer votre machine pour viter les "
++"problmes lis SSL."
+--- openssl097-0.9.7g.orig/debian/po/nl.po
++++ openssl097-0.9.7g/debian/po/nl.po
+@@ -0,0 +1,71 @@
++# Translators, if you are not familiar with the PO format, gettext
++# documentation is worth reading, especially sections dedicated to
++# this format, e.g. by running:
++# info -n '(gettext)PO Files'
++# info -n '(gettext)Header Entry'
++#
++# Some information specific to po-debconf are available at
++# /usr/share/doc/po-debconf/README-trans
++# or http://www.debian.org/intl/l10n/po-debconf/README-trans
++#
++# Developers do not need to manually edit POT or PO files.
++#
++msgid ""
++msgstr ""
++"Project-Id-Version: openssl 0.9.7d-5\n"
++"Report-Msgid-Bugs-To: \n"
++"POT-Creation-Date: 2004-03-22 18:34+0100\n"
++"PO-Revision-Date: 2004-08-01 18:31+0100\n"
++"Last-Translator: Luk Claes <luk.claes@ugent.be>\n"
++"Language-Team: Debian l10n Dutch <debian-l10n-dutch@lists.debian.org>\n"
++"MIME-Version: 1.0\n"
++"Content-Type: text/plain; charset=iso-8859-1\n"
++"Content-Transfer-Encoding: 8bit\n"
++
++#. Type: string
++#. Description
++#: ../libssl0.9.7.templates:3
++msgid "Which services should be restarted to make them use the new libraries?"
++msgstr ""
++"Welke diensten moeten herstart worden om ze de nieuwe bibliotheken te laten "
++"gebruiken?"
++
++#. Type: string
++#. Description
++#: ../libssl0.9.7.templates:3
++msgid ""
++"Security holes were fixed with this release. Services may not use these "
++"fixes until they are restarted. Note: restarting sshd should not affect any "
++"existing connections."
++msgstr ""
++"Er zijn veiligheidslekken gedicht in deze release. Diensten gebruiken deze "
++"versie misschien niet totdat ze herstart zijn. Merk op: sshd herstarten zou "
++"geen effect mogen hebben op bestaande verbindingen."
++
++#. Type: string
++#. Description
++#: ../libssl0.9.7.templates:3
++msgid ""
++"Following is a list of detected services that need to be restarted. Please "
++"correct the list, if you think it is incorrect. The services names must be "
++"identical to the script names in /etc/init.d and must be separated by "
++"spaces. If you clear the list, no services will be restarted."
++msgstr ""
++"Hierna volgt een lijst van gedetecteerde diensten die herstart moeten "
++"worden. Verbeter de lijst, als u denkt dat ze incorrect is. De namen moeten "
++"overeenkomen met de script-namen in /etc/init.d en moeten gescheiden worden "
++"door spaties. Als u de lijst ledigt, dan zullen er geen diensten worden "
++"herstart."
++
++#. Type: string
++#. Description
++#: ../libssl0.9.7.templates:3
++msgid ""
++"If other services begin to fail mysteriously after this upgrade, it may be "
++"necessary to restart them too. We strongly recommend you to reboot your "
++"machine to avoid the SSL related trouble."
++msgstr ""
++"Als er andere diensten mysterieus beginnen te falen na deze opwaardering, "
++"kan het nodig zijn om ze ook te herstarten. Er wordt u ten zeerste "
++"aanbevolen uw machine te herstarten om SSL-gerelateerde problemen te "
++"vermijden."
+--- openssl097-0.9.7g.orig/debian/po/ja.po
++++ openssl097-0.9.7g/debian/po/ja.po
+@@ -0,0 +1,69 @@
++#
++# Translators, if you are not familiar with the PO format, gettext
++# documentation is worth reading, especially sections dedicated to
++# this format, e.g. by running:
++# info -n '(gettext)PO Files'
++# info -n '(gettext)Header Entry'
++#
++# Some information specific to po-debconf are available at
++# /usr/share/doc/po-debconf/README-trans
++# or http://www.debian.org/intl/l10n/po-debconf/README-trans
++#
++# Developers do not need to manually edit POT or PO files.
++#
++#
++msgid ""
++msgstr ""
++"Project-Id-Version: openssl 0.9.7d-1\n"
++"Report-Msgid-Bugs-To: \n"
++"POT-Creation-Date: 2004-03-22 18:34+0100\n"
++"PO-Revision-Date: 2004-03-24 23:41+0900\n"
++"Last-Translator: Hideki Yamane <henrich@samba.gr.jp>\n"
++"Language-Team: Japanese <debian-japanese@lists.debian.org>\n"
++"MIME-Version: 1.0\n"
++"Content-Type: text/plain; charset=EUC-JP\n"
++"Content-Transfer-Encoding: 8bit\n"
++
++#. Type: string
++#. Description
++#: ../libssl0.9.7.templates:3
++msgid "Which services should be restarted to make them use the new libraries?"
++msgstr "ɤΥӥ򿷤饤֥Ȥ˺Ƶưޤ?"
++
++#. Type: string
++#. Description
++#: ../libssl0.9.7.templates:3
++msgid ""
++"Security holes were fixed with this release. Services may not use these "
++"fixes until they are restarted. Note: restarting sshd should not affect any "
++"existing connections."
++msgstr ""
++"Υ꡼ǥƥۡ뤬ޤƥӥϺƵưԤ"
++"ޤǤν줿饤֥Ѥޤ: sshd κƵưϸ³"
++"ϲƶޤ"
++
++#. Type: string
++#. Description
++#: ../libssl0.9.7.templates:3
++msgid ""
++"Following is a list of detected services that need to be restarted. Please "
++"correct the list, if you think it is incorrect. The services names must be "
++"identical to the script names in /etc/init.d and must be separated by "
++"spaces. If you clear the list, no services will be restarted."
++msgstr ""
++"ʲƵưɬפȽǤ줿ӥΥꥹȤǤְäƤȻפä"
++"Ƥӥ̾ /etc/init.d ˤ륹ץȤ̾ؤ"
++"ǶڤɬפޤꥹȤξϡӥκƵưɬפޤ"
++""
++
++#. Type: string
++#. Description
++#: ../libssl0.9.7.templates:3
++msgid ""
++"If other services begin to fail mysteriously after this upgrade, it may be "
++"necessary to restart them too. We strongly recommend you to reboot your "
++"machine to avoid the SSL related trouble."
++msgstr ""
++"¾ΥӥǤΥåץ졼ɤθ˲Τ顼򵯤Ϥ᤿硢"
++"ƵưɬפޤSSL ϢΥȥ֥򤱤뤿˥ޥƵ"
++"ưΤ򶯤ᤷޤ"
+--- openssl097-0.9.7g.orig/debian/po/POTFILES.in
++++ openssl097-0.9.7g/debian/po/POTFILES.in
+@@ -0,0 +1 @@
++[type: gettext/rfc822deb] libssl0.9.7.templates
+--- openssl097-0.9.7g.orig/debian/po/vi.po
++++ openssl097-0.9.7g/debian/po/vi.po
+@@ -0,0 +1,61 @@
++# Vietnamese translation for openssl.
++# Copyright © 2005 Free Software Foundation, Inc.
++# Clytie Siddall <clytie@riverland.net.au>, 2005.
++#
++msgid ""
++msgstr ""
++"Project-Id-Version: openssl 0.9.7g-1\n"
++"Report-Msgid-Bugs-To: \n"
++"POT-Creation-Date: 2004-03-22 18:34+0100\n"
++"PO-Revision-Date: 2005-07-03 12:49+0930\n"
++"Last-Translator: Clytie Siddall <clytie@riverland.net.au>\n"
++"Language-Team: Vietnamese <gnomevi-list@lists.sourceforge.net>\n"
++"MIME-Version: 1.0\n"
++"Content-Type: text/plain; charset=utf-8\n"
++"Content-Transfer-Encoding: 8bit\n"
++"Plural-Forms: nplurals=1; plural=0\n"
++"X-Generator: LocFactoryEditor 1.2.2\n"
++
++#. Type: string
++#. Description
++#: ../libssl0.9.7.templates:3
++msgid "Which services should be restarted to make them use the new libraries?"
++msgstr "Để dùng những thư viên mới, cần phải khởi chạy lại dịch vụ nào?"
++
++#. Type: string
++#. Description
++#: ../libssl0.9.7.templates:3
++msgid ""
++"Security holes were fixed with this release. Services may not use these "
++"fixes until they are restarted. Note: restarting sshd should not affect any "
++"existing connections."
++msgstr ""
++"Phiên bản phát hành này đã sửa một số lỗ hổng bảo mật rồi. Dịch vụ sẽ dùng "
++"mã đã sửa chỉ sau khi khởi chạy lại thôi. Ghi chú: khởi chạy lại sshd nên "
++"không làm ảnh hưởng đến sự kết nối hiện thời nào."
++
++#. Type: string
++#. Description
++#: ../libssl0.9.7.templates:3
++msgid ""
++"Following is a list of detected services that need to be restarted. Please "
++"correct the list, if you think it is incorrect. The services names must be "
++"identical to the script names in /etc/init.d and must be separated by "
++"spaces. If you clear the list, no services will be restarted."
++msgstr ""
++"Theo đây có một danh sách dịch vụ đã phát hiện mà cần phải khởi chạy lại. "
++"Bạn hãy sửa danh sách nếu chưa đúng. Tên dịch vụ phải là cùng một tên với "
++"tên tập lệnh trong «/etc/init.d», những tên định giới bằng dấu cách. Nếu bạn "
++"xóa hết danh sách thì sẽ không khởi chạy lại dịch vụ nào."
++
++#. Type: string
++#. Description
++#: ../libssl0.9.7.templates:3
++msgid ""
++"If other services begin to fail mysteriously after this upgrade, it may be "
++"necessary to restart them too. We strongly recommend you to reboot your "
++"machine to avoid the SSL related trouble."
++msgstr ""
++"Nếu dịch vụ khác mới bị lỗi một cách lạ sau việc nâng cấp này, có lẽ bạn "
++"cũng cần phải khởi chạy lại chúng. Khuyến khích nặng bạn khởi động máy này "
++"để tránh lỗi liên quan đến SSL."
+--- openssl097-0.9.7g.orig/debian/libssl0.9.7-dev.docs
++++ openssl097-0.9.7g/debian/libssl0.9.7-dev.docs
+@@ -0,0 +1 @@
++demos
+--- openssl097-0.9.7g.orig/debian/control
++++ openssl097-0.9.7g/debian/control
+@@ -0,0 +1,27 @@
++Source: openssl097
++Build-Depends: debhelper (>= 4.2.0), binutils (>= 2.14.90.0.7), zlib1g-dev
++Section: utils
++Priority: optional
++Maintainer: Debian OpenSSL Team <pkg-openssl-devel@lists.alioth.debian.org>
++Uploaders: Christoph Martin <christoph.martin@uni-mainz.de>, Kurt Roeckx <kurt@roeckx.be>
++Standards-Version: 3.6.1
++
++Package: libssl0.9.7
++Section: oldlibs
++Priority: important
++Architecture: any
++Depends: ${shlibs:Depends}, ${misc:Depends}
++Conflicts: ssleay (<< 0.9.2b), libssl, openssl (<< 0.9.6-2), libssl096-dev (<< 0.9.6-2)
++Description: SSL shared libraries
++ libssl and libcrypto shared libraries needed by programs like
++ apache-ssl, telnet-ssl and openssh.
++ .
++ It is part of the OpenSSL implementation of SSL.
++
++Package: libssl0.9.7-dbg
++Section: libdevel
++Priority: extra
++Architecture: any
++Depends: libssl0.9.7 (= ${Source-Version})
++Description: Symbol tables for libssl and libcrypt
++ This package is part of the OpenSSL implementation of SSL.
+--- openssl097-0.9.7g.orig/debian/libssl0.9.7-dev.prerm
++++ openssl097-0.9.7g/debian/libssl0.9.7-dev.prerm
+@@ -0,0 +1,3 @@
++#!/bin/sh -e
++
++#DEBHELPER#
+--- openssl097-0.9.7g.orig/debian/libssl0.9.7-dev.postinst
++++ openssl097-0.9.7g/debian/libssl0.9.7-dev.postinst
+@@ -0,0 +1,3 @@
++#!/bin/sh -e
++
++#DEBHELPER#
+--- openssl097-0.9.7g.orig/debian/libssl0.9.7-dev.files
++++ openssl097-0.9.7g/debian/libssl0.9.7-dev.files
+@@ -0,0 +1,9 @@
++usr/lib/libssl.so
++usr/lib/libcrypto.so
++usr/lib/libssl.a
++usr/lib/libcrypto.a
++usr/lib/libssl_pic.a
++usr/lib/libcrypto_pic.a
++usr/lib/pkgconfig/openssl.pc
++usr/include
++usr/share/man/man3
+--- openssl097-0.9.7g.orig/debian/libssl0.9.7.templates
++++ openssl097-0.9.7g/debian/libssl0.9.7.templates
+@@ -0,0 +1,15 @@
++Template: libssl0.9.7/restart-services
++Type: string
++_Description: Which services should be restarted to make them use the new libraries?
++ Security holes were fixed with this release. Services may not use these
++ fixes until they are restarted. Note: restarting sshd should not affect any
++ existing connections.
++ .
++ Following is a list of detected services that need to be restarted. Please
++ correct the list, if you think it is incorrect. The services names must be
++ identical to the script names in /etc/init.d and must be separated by
++ spaces. If you clear the list, no services will be restarted.
++ .
++ If other services begin to fail mysteriously after this upgrade, it may be
++ necessary to restart them too. We strongly recommend you to reboot your
++ machine to avoid the SSL related trouble.
+--- openssl097-0.9.7g.orig/debian/libssl0.9.7-dev.dirs
++++ openssl097-0.9.7g/debian/libssl0.9.7-dev.dirs
+@@ -0,0 +1,3 @@
++usr/lib
++usr/share/doc/libssl0.9.7-dev
++usr/share/man
+--- openssl097-0.9.7g.orig/debian/README.optimization
++++ openssl097-0.9.7g/debian/README.optimization
+@@ -0,0 +1,32 @@
++openssl ships optimized libraries for some cpus. The loading of these
++libraries depends on the ability of the dynamic linker to automaticly
++search additional directories depending on the cpu. If you want to
++find out which are these directories for your computer, run the
++following command:
++
++LD_LIBRARY_PATH=/usr/lib strace true 2>&1 | fgrep "open(\"/usr/lib"
++
++On a Pentium III this gives:
++
++open("/usr/lib/i686/mmx/libc.so.6", O_RDONLY) = -1 ENOENT (No such file or directory)
++open("/usr/lib/i686/libc.so.6", O_RDONLY) = -1 ENOENT (No such file or directory)
++open("/usr/lib/mmx/libc.so.6", O_RDONLY) = -1 ENOENT (No such file or directory)
++open("/usr/lib/libc.so.6", O_RDONLY) = -1 ENOENT (No such file or directory)
++
++Following is a list of cpus, library paths and possible optimizations:
++
++486 /usr/lib/i486 -march=i486 -mcpu=i486 +asm
++Pentium /usr/lib/i586 -march=i586 -mcpu=i586 +asm
++Pentium MMX /usr/lib/i586 -march=i586 -mcpu=i586 +asm
++Pentium II /usr/lib/i686 -march=i686 -mcpu=i686 +asm
++Pentium III /usr/lib/i686 -march=i686 -mcpu=i686 +asm
++AMD-K6 /usr/lib/i586 -march=i586 -mcpu=i586 +asm
++AMD-K7 /usr/lib/i686 -march=i686 -mcpu=i686 +asm
++
++Sparc v8 /usr/lib/v8 -mcpu=v8 +asm
++Sparc v9 /usr/lib/v9 -mcpu=v9 -Wa,-Av8plus +asm
++
++Alpha EV4 /usr/lib/ev4 -mcpu=ev4
++Alpha EV5 /usr/lib/ev5 -mcpu=ev5
++
+++asm means that the handcrafted 586 assembler routines can be used.
+--- openssl097-0.9.7g.orig/debian/libssl0.9.7.dirs
++++ openssl097-0.9.7g/debian/libssl0.9.7.dirs
+@@ -0,0 +1,2 @@
++usr/lib
++usr/share/doc/libssl0.9.7
+--- openssl097-0.9.7g.orig/debian/libssl0.9.7.files
++++ openssl097-0.9.7g/debian/libssl0.9.7.files
+@@ -0,0 +1,3 @@
++usr/lib/*.so.*.*.*
++usr/lib/*/*.so.*.*.*
++usr/lib/i686/cmov/*.so.*.*.*
+--- openssl097-0.9.7g.orig/debian/changelog
++++ openssl097-0.9.7g/debian/changelog
+@@ -0,0 +1,689 @@
++openssl097 (0.9.7g-5) unstable; urgency=medium
++
++ * Add the shlibs for libcrypto again, removed by accident.
++ * Change priority of -dbg package to extra.
++ * Remove the libssl0.9.7-dev package.
++ * Add security patch for CAN-2005-2969, setting urgency to medium.
++
++ -- Kurt Roeckx <kurt@roeckx.be> Wed, 12 Oct 2005 21:07:19 +0200
++
++openssl097 (0.9.7g-4) unstable; urgency=low
++
++ * Reintroduce openssl 0.9.7 source package to provide the old
++ library version. This should make packages linked against
++ the old version installable again. (Closes: #332892)
++ * Drop the openssl and libcrypto0.9.7-udeb package.
++ * Rename libssl-dev to libssl0.9.7-dev.
++ * Add myself to the Uploaders field.
++
++ -- Kurt Roeckx <kurt@roeckx.be> Mon, 10 Oct 2005 18:38:30 +0200
++
++openssl (0.9.7g-3) unstable; urgency=low
++
++ * change Configure line for debian-freebsd-i386 to debian-kfreebsd-i386
++ (closes: #327692)
++ * include -dbg version. That implies compiling with -g and without
++ -fomit-frame-pointer (closes: #293823, #153811)
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Fri, 23 Sep 2005 13:51:57 +0200
++
++openssl (0.9.7g-2) unstable; urgency=low
++
++ * really include nl translation
++ * remove special ia64 code from rc4 code to make the abi compatible to
++ older 0.9.7 versions (closes: #310489, #309274)
++ * fix compile flag for debian-ppc64 (closes: #318750)
++ * small fix in libssl0.9.7.postinst (closes: #239956)
++ * fix pk7_mime.c to prevent garbled messages because of to early memory
++ free (closes: #310184)
++ * include vietnamese debconf translation (closes: #316689)
++ * make optimized i386 libraries have non executable stack (closes:
++ #321721)
++ * remove leftover files from ssleay
++ * move from dh_installmanpages to dh_installman
++ * change Maintainer to pkg-openssl-devel@lists.alioth.debian.org
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Wed, 7 Sep 2005 15:32:54 +0200
++
++openssl (0.9.7g-1) unstable; urgency=low
++
++ * New upstream release
++ * Added support for proxy certificates according to RFC 3820.
++ Because they may be a security thread to unaware applications,
++ they must be explicitely allowed in run-time. See
++ docs/HOWTO/proxy_certificates.txt for further information.
++ * Prompt for pass phrases when appropriate for PKCS12 input format.
++ * Back-port of selected performance improvements from development
++ branch, as well as improved support for PowerPC platforms.
++ * Add lots of checks for memory allocation failure, error codes to indicate
++ failure and freeing up memory if a failure occurs.
++ * Perform some character comparisons of different types in X509_NAME_cmp:
++ this is needed for some certificates that reencode DNs into UTF8Strings
++ (in violation of RFC3280) and can't or wont issue name rollover
++ certificates.
++ * corrected watchfile
++ * added upstream source url (closes: #292904)
++ * fix typo in CA.pl.1 (closes: #290271)
++ * change debian-powerpc64 to debian-ppc64 and adapt the configure
++ options to be the same like upstream (closes: #289841)
++ * include -signcert option in CA.pl usage
++ * compile with zlib-dynamic to use system zlib (closes: #289872)
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Mon, 9 May 2005 23:32:03 +0200
++
++openssl (0.9.7e-3) unstable; urgency=high
++
++ * really fix der_chop. The fix from -1 was not really included (closes:
++ #281212)
++ * still fixes security problem CAN-2004-0975 etc.
++ - tempfile raise condition in der_chop
++ - Avoid a race condition when CRLs are checked in a multi threaded
++ environment.
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Thu, 16 Dec 2004 18:41:29 +0100
++
++openssl (0.9.7e-2) unstable; urgency=high
++
++ * fix perl path in der_chop and c_rehash (closes: #281212)
++ * still fixes security problem CAN-2004-0975 etc.
++ - tempfile raise condition in der_chop
++ - Avoid a race condition when CRLs are checked in a multi threaded
++ environment.
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Sun, 14 Nov 2004 20:16:21 +0100
++
++openssl (0.9.7e-1) unstable; urgency=high
++
++ * SECURITY UPDATE: fix insecure temporary file handling
++ * apps/der_chop:
++ - replaced $$-style creation of temporary files with
++ File::Temp::tempfile()
++ - removed unused temporary file name in do_certificate()
++ * References:
++ CAN-2004-0975 (closes: #278260)
++ * fix ASN1_STRING_to_UTF8 with UTF8 (closes: #260357)
++ * New upstream release with security fixes
++ - Avoid a race condition when CRLs are checked in a multi threaded
++ environment.
++ - Various fixes to s3_pkt.c so alerts are sent properly.
++ - Reduce the chances of duplicate issuer name and serial numbers (in
++ violation of RFC3280) using the OpenSSL certificate creation
++ utilities.
++ * depends openssl on perl-base instead of perl (closes: #280225)
++ * support powerpc64 in Configure (closes: #275224)
++ * include cs translation (closes: #273517)
++ * include nl translation (closes: #272479)
++ * Fix default dir of c_rehash (closes: #253126)
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Fri, 12 Nov 2004 14:11:15 +0100
++
++openssl (0.9.7d-5) unstable; urgency=low
++
++ * Make S/MIME encrypt work again (backport from CVS) (closes: #241407,
++ #241386)
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Mon, 26 Jul 2004 17:22:42 +0200
++
++openssl (0.9.7d-4) unstable; urgency=low
++
++ * add Catalan translation (closes: #248749)
++ * add Spanish translation (closes: #254561)
++ * include NMU fixes: see below
++ * decrease optimisation level for debian-arm to work around gcc bug
++ (closes: #253848) (thanks to Steve Langasek and Thom May)
++ * Add libcrypto0.9.7-udeb. (closes: #250010) (thanks to Bastian Blank)
++ * Add watchfile
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Wed, 14 Jul 2004 14:31:02 +0200
++
++openssl (0.9.7d-3) unstable; urgency=low
++
++ * rename -pic.a libraries to _pic.a (closes: #250016)
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Mon, 24 May 2004 17:02:29 +0200
++
++openssl (0.9.7d-2) unstable; urgency=low
++
++ * include PIC libs (libcrypto-pic.a and libssl-pic.a) to libssl-dev
++ (closes: #246928, #243999)
++ * add racoon to restart list (closes: #242652)
++ * add Brazilian, Japanese and Danish translations (closes: #242087,
++ #241830, #241705)
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Tue, 11 May 2004 10:13:49 +0200
++
++openssl (0.9.7d-1) unstable; urgency=high
++
++ * new upstream
++ * fixes security holes (http://www.openssl.org/news/secadv_20040317.txt)
++ (closes: #238661)
++ * includes support for debian-amd64 (closes: #235551, #232310)
++ * fix typo in pem.pod (closes: #219873)
++ * fix typo in libssl0.9.7.templates (closes: #224690)
++ * openssl suggests ca-certificates (closes: #217180)
++ * change debconf template to gettext format (closes: #219013)
++ * include french debconf template (closes: #219014)
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Thu, 18 Mar 2004 16:18:43 +0100
++
++openssl (0.9.7c-5) unstable; urgency=low
++
++ * include openssl.pc into libssl-dev (closes: #212545)
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Thu, 16 Oct 2003 16:31:32 +0200
++
++openssl (0.9.7c-4) unstable; urgency=low
++
++ * change question to restart services to debconf (closes: #214840)
++ * stop using dh_undocumented (closes: #214831)
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Fri, 10 Oct 2003 15:40:48 +0200
++
++openssl (0.9.7c-3) unstable; urgency=low
++
++ * fix POSIX conformance for head in libssl0.9.7.postinst (closes:
++ #214700)
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Wed, 8 Oct 2003 14:02:38 +0200
++
++openssl (0.9.7c-2) unstable; urgency=low
++
++ * add filerc macro to libssl0.9.7.postinst (closes: #213906)
++ * restart spamassassins spamd on upgrade (closes: #214106)
++ * restart more services on upgrade
++ * fix EVP_BytesToKey manpage (closes: #213715)
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Tue, 7 Oct 2003 15:01:32 +0200
++
++openssl (0.9.7c-1) unstable; urgency=high
++
++ * upstream security fix (closes: #213451)
++ - Fix various bugs revealed by running the NISCC test suite:
++ Stop out of bounds reads in the ASN1 code when presented with
++ invalid tags (CAN-2003-0543 and CAN-2003-0544).
++ Free up ASN1_TYPE correctly if ANY type is invalid (CAN-2003-0545).
++ If verify callback ignores invalid public key errors don't try to check
++ certificate signature with the NULL public key.
++ - In ssl3_accept() (ssl/s3_srvr.c) only accept a client certificate
++ if the server requested one: as stated in TLS 1.0 and SSL 3.0
++ specifications.
++ * more minor upstream bugfixes
++ * fix formatting in c_issuer (closes: #190026)
++ * fix Debian-FreeBSD support (closes: #200381)
++ * restart some services in postinst to make them use the new libraries
++ * remove duplicated openssl.1, crypto.3 and ssl.3 (closes: #198594)
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Wed, 1 Oct 2003 08:54:27 +0200
++
++openssl (0.9.7b-2) unstable; urgency=high
++
++ * fix permission of /etc/ssl/private to 700 again
++ * change section of libssl-dev to libdevel
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Wed, 23 Apr 2003 11:13:24 +0200
++
++openssl (0.9.7b-1) unstable; urgency=high
++
++ * upstream security fix
++ - Countermeasure against the Klima-Pokorny-Rosa extension of
++ Bleichbacher's attack on PKCS #1 v1.5 padding: treat
++ a protocol version number mismatch like a decryption error
++ in ssl3_get_client_key_exchange (ssl/s3_srvr.c). (CAN-2003-0131)
++ (closes: #189087)
++ - Turn on RSA blinding by default in the default implementation
++ to avoid a timing attack. Applications that don't want it can call
++ RSA_blinding_off() or use the new flag RSA_FLAG_NO_BLINDING.
++ They would be ill-advised to do so in most cases. (CAN-2003-0147)
++ - Change RSA blinding code so that it works when the PRNG is not
++ seeded (in this case, the secret RSA exponent is abused as
++ an unpredictable seed -- if it is not unpredictable, there
++ is no point in blinding anyway). Make RSA blinding thread-safe
++ by remembering the creator's thread ID in rsa->blinding and
++ having all other threads use local one-time blinding factors
++ (this requires more computation than sharing rsa->blinding, but
++ avoids excessive locking; and if an RSA object is not shared
++ between threads, blinding will still be very fast).
++ for more details see the CHANGES file
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Wed, 16 Apr 2003 10:32:57 +0200
++
++openssl (0.9.7a-1) unstable; urgency=high
++
++ * upstream Security fix
++ - In ssl3_get_record (ssl/s3_pkt.c), minimize information leaked
++ via timing by performing a MAC computation even if incorrrect
++ block cipher padding has been found. This is a countermeasure
++ against active attacks where the attacker has to distinguish
++ between bad padding and a MAC verification error. (CAN-2003-0078)
++ for more details see the CHANGES file
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Fri, 21 Feb 2003 22:39:40 +0100
++
++openssl (0.9.7-4) unstable; urgency=low
++
++ * use DH_COMPAT=3 to build
++ * move i686 to i686/cmov to fix problems on Via C3. For that to work we
++ have to depend on the newest libc6 on i386 (closes: #177891)
++ * fix bug in ui_util.c (closes: #177615)
++ * fix typo in md5.h (closes: #178112)
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Fri, 24 Jan 2003 10:22:56 +0100
++
++openssl (0.9.7-3) unstable; urgency=low
++
++ * enable build of ultrasparc code on non ultrasparc machines (closes:
++ #177024)
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Fri, 17 Jan 2003 08:22:13 +0100
++
++openssl (0.9.7-2) unstable; urgency=low
++
++ * include changes between 0.9.6g-9 and -10
++ * fix problem in build-process on i386 with libc6 version number
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Mon, 13 Jan 2003 14:26:56 +0100
++
++openssl (0.9.7-1) unstable; urgency=low
++
++ * new upstream
++ * includes engine support
++ * a lot of bugfixes and enhancements, see the CHANGES file
++ * include AES encryption
++ * makes preview of certificate configurable (closes: #176059)
++ * fix x509 manpage (closes: #168070)
++ * fix declaration of ERR_load_PEM_string in pem.h (closes: #141360)
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Sat, 11 Jan 2003 09:12:16 +0100
++
++openssl (0.9.6g-10) unstable; urgency=low
++
++ * fix problem in build-process on i386 with libc6 version number
++ (closes: #167096)
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Mon, 4 Nov 2002 12:27:21 +0100
++
++openssl (0.9.6g-9) unstable; urgency=low
++
++ * fix typo in i386 libc6 depend (sigh) (closes: #163848)
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Tue, 8 Oct 2002 23:29:20 +0200
++
++openssl (0.9.6g-8) unstable; urgency=low
++
++ * fix libc6 depends. Only needed for i386 (closes: #163701)
++ * remove SHLIB section for bsds from Configure (closes: #163585)
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Tue, 8 Oct 2002 10:57:35 +0200
++
++openssl (0.9.6g-7) unstable; urgency=low
++
++ * enable i686 optimisation and depend on fixed glibc (closes: #163500)
++ * remove transition package ssleay
++ * include optimisation vor sparcv8 (closes: #139996)
++ * improve optimisation vor sparcv9
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Sun, 6 Oct 2002 14:07:12 +0200
++
++openssl (0.9.6g-6) unstable; urgency=low
++
++ * temporarily disable i686 optimisation (See bug in glibc #161788)
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Sat, 21 Sep 2002 18:56:49 +0200
++
++openssl (0.9.6g-5) unstable; urgency=low
++
++ * i486 can use i586 assembler
++ * include set -xe in the for loops in the rules files to make it abort
++ on error (closes: #161768)
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Sat, 21 Sep 2002 16:23:11 +0200
++
++openssl (0.9.6g-4) unstable; urgency=low
++
++ * fix optimization for alpha and sparc
++ * add optimization for i486
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Fri, 20 Sep 2002 22:36:19 +0200
++
++openssl (0.9.6g-3) unstable; urgency=low
++
++ * add optimized libraries for i586, i686, ev4, ev5 and v9 (closes: #139783)
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Thu, 19 Sep 2002 18:33:04 +0200
++
++openssl (0.9.6g-2) unstable; urgency=low
++
++ * fix manpage names (closes: #156717, #156718, #156719, #156721)
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Thu, 15 Aug 2002 11:26:37 +0200
++
++openssl (0.9.6g-1) unstable; urgency=low
++
++ * new upstream version
++ * Use proper error handling instead of 'assertions' in buffer
++ overflow checks added in 0.9.6e. This prevents DoS (the
++ assertions could call abort()). (closes: #155985, #156495)
++ * Fix ASN1 checks. Check for overflow by comparing with LONG_MAX
++ and get fix the header length calculation.
++ * include support for new sh* architectures (closes: #155117)
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Wed, 14 Aug 2002 13:59:22 +0200
++
++openssl (0.9.6e-1) unstable; urgency=high
++
++ * fixes remote exploits (see DSA-136-1)
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Tue, 30 Jul 2002 18:32:28 +0200
++
++openssl (0.9.6d-1) unstable; urgency=low
++
++ * new upstream (minor) version
++ * includes Configure lines for debian-*bsd-* (closes: #130413)
++ * fix wrong prototype for BN_pseudo_rand_range in BN_rand(3ssl) (closes:
++ #144586)
++ * fix typos in package description (closes: #141469)
++ * fix typo in SSL_CTX_set_cert_store manpage (closes: #135297)
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Mon, 3 Jun 2002 19:42:10 +0200
++
++openssl (0.9.6c-2) unstable; urgency=low
++
++ * moved from non-US to main
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Tue, 19 Mar 2002 14:48:39 +0100
++
++openssl (0.9.6c-1) unstable; urgency=low
++
++ * new upstream version with a lot of bugfixes
++ * remove directory /usr/include/openssl from openssl package (closes:
++ bug #121226)
++ * remove selfdepends from libssl0.9.6
++ * link openssl binary shared again
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Sat, 5 Jan 2002 19:04:31 +0100
++
++openssl (0.9.6b-4) unstable; urgency=low
++
++ * build with -D_REENTRANT for threads support on all architectures
++ (closes: #112329, #119239)
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Sat, 24 Nov 2001 12:17:51 +0100
++
++openssl (0.9.6b-3) unstable; urgency=low
++
++ * disable idea, mdc2 and rc5 because they are not free (closes: #65368)
++ * ready to be moved from nonus to main
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Wed, 21 Nov 2001 17:51:41 +0100
++
++openssl (0.9.6b-2) unstable; urgency=high
++
++ * fix definition of crypt in des.h (closes: #107533)
++ * fix descriptions (closes: #109503)
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Mon, 17 Sep 2001 15:38:27 +0200
++
++openssl (0.9.6b-1) unstable; urgency=medium
++
++ * new upstream fixes some security issues (closes: #105835, #100146)
++ * added support for s390 (closes: #105681)
++ * added support for sh (closes: #100003)
++ * change priority of libssl096 to standard as ssh depends on it (closes:
++ #105440)
++ * don't optimize for i486 to support i386. (closes: #104127, #82194)
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Fri, 20 Jul 2001 15:52:42 +0200
++
++openssl (0.9.6a-3) unstable; urgency=medium
++
++ * add perl-base to builddeps
++ * include static libraries in libssl-dev (closes: #93688)
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Mon, 14 May 2001 20:16:06 +0200
++
++openssl (0.9.6a-2) unstable; urgency=medium
++
++ * change Architecture of ssleay from any to all (closes: #92913)
++ * depend libssl-dev on the exact same version of libssl0.9.6 (closes:
++ #88939)
++ * remove lib{crypto,ssl}.a from openssl (closes: #93666)
++ * rebuild with newer gcc to fix atexit problem (closes: #94036)
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Wed, 2 May 2001 12:28:39 +0200
++
++openssl (0.9.6a-1) unstable; urgency=medium
++
++ * new upstream, fixes some security bugs (closes: #90584)
++ * fix typo in s_server manpage (closes: #89756)
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Tue, 10 Apr 2001 12:13:11 +0200
++
++openssl (0.9.6-2) unstable; urgency=low
++
++ * policy: reorganisation of package names: libssl096 -> libssl0.9.6,
++ libssl096-dev -> libssl-dev (closes: #83426)
++ * libssl0.9.6 drops replaces libssl09 (Closes: #83425)
++ * install upstream CHANGES files (Closes: #83430)
++ * added support for hppa and ia64 (Closes: #88790)
++ * move man3 manpages to libssl-dev (Closes: #87546)
++ * fix formating problem in rand_add(1) (Closes: #87547)
++ * remove manpage duplicates (Closes: #87545, #74986)
++ * make package descriptions clearer (Closes: #83518, #83444)
++ * increase default emailAddress_max from 40 to 60 (Closes: #67238)
++ * removed RSAREF warning (Closes: #84122)
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Thu, 8 Mar 2001 14:24:00 +0100
++
++openssl (0.9.6-1) unstable; urgency=low
++
++ * New upstream version (Thanks to Enrique Zanardi <ezanard@debian.org>)
++ (closes: #72388)
++ * Add support for debian-hurd (closes: #76032)
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Mon, 13 Nov 2000 22:30:46 +0100
++
++openssl (0.9.5a-5) unstable; urgency=low
++
++ * move manpages in standard directories with section ssl (closes:
++ #72152, #69809)
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Thu, 5 Oct 2000 19:56:20 +0200
++
++openssl (0.9.5a-4) unstable; urgency=low
++
++ * include edg_rand_bytes patch from and for apache-ssl
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Sat, 23 Sep 2000 16:48:06 +0200
++
++openssl (0.9.5a-3) unstable; urgency=low
++
++ * fix call to dh_makeshlibs to create correct shlibs file and make
++ dependend programs link correctly (closes: Bug#61658)
++ * include a note in README.debian concerning the location of the
++ subcommand manpages (closes: Bug#69809)
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Sat, 16 Sep 2000 19:10:50 +0200
++
++openssl (0.9.5a-2) unstable; urgency=low
++
++ * try to fix the sharedlib problem. change soname of library
++ (closes: Bug#4622, #66102, #66538, #66123)
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Wed, 12 Jul 2000 03:26:30 +0200
++
++openssl (0.9.5a-1) unstable; urgency=low
++
++ * new upstream version (major changes see file NEWS) (closes: Bug#63976,
++ #65239, #65358)
++ * new library package libssl095a because of probably changed library
++ interface (closes: Bug#46222)
++ * added architecture mips and mipsel (closes: Bug#62437, #60366)
++ * provide shlibs.local file in build to help build if libraries are not
++ yet installed (closes: Bug#63984)
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Sun, 11 Jun 2000 15:17:35 +0200
++
++openssl (0.9.4-5) frozen unstable; urgency=medium
++
++ * cleanup of move of doc directories to /usr/share/doc (closes:
++ Bug#56430)
++ * lintian issues (closes: Bug#49358)
++ * move demos from openssl to libssl09-dev (closes: Bug#59201)
++ * move to debhelpers
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Sat, 11 Mar 2000 10:38:04 +0100
++
++openssl (0.9.4-4) unstable; urgency=medium
++
++ * Added 'debian-arm' in 'Configure'. (closes: Bug#54251, #54766)
++ * Fixed Configure for 'debian-m68k' (closes: Bug#53636)
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Sat, 15 Jan 2000 13:16:18 +0100
++
++openssl (0.9.4-3) unstable; urgency=low
++
++ * define symbol SSLeay_add_ssl_algorithms for backward compatibility
++ (closes: Bug#46882)
++ * remove manpages from /usr/doc/openssl (closes: Bug#46791)
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Thu, 14 Oct 1999 16:51:08 +0200
++
++openssl (0.9.4-2) unstable; urgency=low
++
++ * include some more docu in pod format (Bug #43933)
++ * removed -mv8 from sparc flags (Bug #44769)
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Tue, 14 Sep 1999 22:04:06 +0200
++
++openssl (0.9.4-1) unstable; urgency=low
++
++ * new upstream version (Closes: #42926)
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Sat, 28 Aug 1999 17:04:23 +0200
++
++openssl (0.9.3a-1) unstable; urgency=low
++
++ * new upstream version (Bug #38345, #38627)
++ * sparc is big-endian (Bug #39973)
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Wed, 7 Jul 1999 16:03:37 +0200
++
++openssl (0.9.2b-3) unstable; urgency=low
++
++ * correct move conffiles to /etc/ssl (Bug #38570)
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Mon, 31 May 1999 21:08:07 +0200
++
++openssl (0.9.2b-2) unstable; urgency=low
++
++ * added convenience package ssleay to help upgrade to openssl (Bug
++ #37185, #37623, #36326)
++ * added some missing dependencies from libssl09 (Bug #36681, #35867,
++ #36326)
++ * move lib*.so to libssl09-dev (Bug #36761)
++ * corrected version numbers of library files
++ * introduce link from /usr/lib/ssl to /etc/ssl (Bug #36710)
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Sun, 23 May 1999 14:57:48 +0200
++
++openssl (0.9.2b-1) unstable; urgency=medium
++
++ * First openssl version
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Wed, 31 Mar 1999 15:54:26 +0200
++
++ssleay (0.9.0b-2) unstable; urgency=low
++
++ * Include message about the (not)usage of RSAREF (#24409)
++ * Move configfiles from /usr/lib/ssl to /etc/ssl (#26406)
++ * Change definitions for sparc (#26487)
++ * Added missing dependency (#28591)
++ * Make debian/libtool executable (#29708)
++ * /etc/ssl/lib/ssleay.cnf is now a confile (#32624)
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Sun, 21 Mar 1999 19:41:04 +0100
++
++ssleay (0.9.0b-1) unstable; urgency=low
++
++ * new upstream version (Bug #21227, #25971)
++ * build shared libraries with -fPIC (Bug #20027)
++ * support sparc architecture (Bug #28467)
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Tue, 13 Oct 1998 10:20:13 +0200
++
++ssleay (0.8.1-7) frozen unstable; urgency=high
++
++ * security fix patch to 0.8.1b (bug #24022)
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Mon, 6 Jul 1998 15:42:15 +0200
++
++ssleay (0.8.1-6) frozen unstable; urgency=low
++
++ * second try to fix bug #15235 (copyright was still missing)
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Mon, 22 Jun 1998 08:56:27 +0200
++
++ssleay (0.8.1-5) frozen unstable; urgency=high
++
++ * changed /dev/random to /dev/urandom (Bug #23169, #17817)
++ * copyright contains now the full licence (Bug #15235)
++ * fixed bug #19410 (md5sums-lists-nonexisting-file)
++ * added demos to /usr/doc (Bug #17372)
++ * fixed type in package description (Bug #18969)
++ * fixed bug in adding documentation (Bug #21463)
++ * added patch for support of debian-powerpc (Bug #21579)
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Thu, 18 Jun 1998 23:09:13 +0200
++
++ssleay (0.8.1-4) unstable; urgency=low
++
++ * purged dependency from libc5
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Tue, 11 Nov 1997 15:31:50 +0100
++
++ssleay (0.8.1-3) unstable; urgency=low
++
++ * changed packagename libssl to libssl08 to get better dependancies
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Fri, 7 Nov 1997 14:23:17 +0100
++
++ssleay (0.8.1-2) unstable; urgency=low
++
++ * linked shared libraries against libc6
++ * use /dev/random for randomseed
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Wed, 5 Nov 1997 11:21:40 +0100
++
++ssleay (0.8.1-1) unstable; urgency=low
++
++ * new upstream version
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Thu, 16 Oct 1997 16:15:43 +0200
++
++ssleay (0.6.6-2) unstable; urgency=low
++
++ * cleanup in diffs
++ * removed INSTALL from docs (bug #13205)
++ * split libssl and libssl-dev (but #13735)
++
++ -- Christoph Martin <christoph.martin@uni-mainz.de> Wed, 15 Oct 1997 17:38:38 +0200
++
++ssleay (0.6.6-1) unstable; urgency=low
++
++ * New upstream version
++ * added shared libraries for libcrypto and libssl
++
++ -- Christoph Martin <martin@uni-mainz.de> Thu, 26 Jun 1997 19:26:14 +0200
++
++ssleay (0.6.4-2) unstable; urgency=low
++
++ * changed doc filenames from .doc to .txt to be able to read them
++ over with webbrowser
++
++ -- Christoph Martin <martin@uni-mainz.de> Tue, 25 Feb 1997 14:02:53 +0100
++
++ssleay (0.6.4-1) unstable; urgency=low
++
++ * Initial Release.
++
++ -- Christoph Martin <martin@uni-mainz.de> Fri, 22 Nov 1996 21:29:51 +0100
+--- openssl097-0.9.7g.orig/debian/rules
++++ openssl097-0.9.7g/debian/rules
+@@ -0,0 +1,173 @@
++#!/usr/bin/make -f
++# Sample debian.rules file - for GNU Hello (1.3).
++# Copyright 1994,1995 by Ian Jackson.
++# I hereby give you perpetual unlimited permission to copy,
++# modify and relicense this file, provided that you do not remove
++# my name from the file itself. (I assert my moral right of
++# paternity under the Copyright, Designs and Patents Act 1988.)
++# This file may have to be extensively modified
++#
++# Modified to be a prototype for debmake by Christoph Lameter <clameter@debian.org>
++SHELL=/bin/bash
++export DH_COMPAT=3
++
++package=openssl
++
++# For generating the manpages
++export VERSION=$(shell dpkg-parsechangelog | grep '^Version:' | sed -e 's/^.*://' -e 's/-.*//')
++
++# The binary architeture
++DEB_HOST_ARCH = $(shell dpkg-architecture -qDEB_HOST_ARCH)
++
++CONFARGS = --prefix=/usr --openssldir=/usr/lib/ssl no-idea no-mdc2 no-rc5 zlib-dynamic debug
++OPT_alpha = ev4 ev5
++OPT_i386 = i486 i586 i686/cmov
++OPT_sparc = v8 v9
++ARCHOPTS = OPT_$(DEB_HOST_ARCH)
++OPTS = $($(ARCHOPTS))
++WANTED_LIBC_VERSION = 2.3.1-10
++
++build:
++ dh_testdir
++ perl util/perlpath.pl /usr/bin
++# perl util/ssldir.pl /usr/lib/ssl
++# chmod +x debian/libtool
++ ./Configure no-shared $(CONFARGS) debian-$(DEB_HOST_ARCH)
++ make -f Makefile DIRS="crypto ssl" all
++ mv libcrypto.a libcrypto.static
++ mv libssl.a libssl.static
++ make -f Makefile DIRS="crypto ssl" clean
++ test -z "$(OPTS)" || for opt in $(OPTS); \
++ do \
++ set -xe; \
++ ./Configure shared $(CONFARGS) debian-$(DEB_HOST_ARCH)-$$opt; \
++ make -f Makefile DIRS="crypto ssl" all; \
++ mkdir -p $$opt; \
++ mv libcrypto.so* libssl.so* $$opt/; \
++ make -f Makefile DIRS="crypto ssl" clean; \
++ done
++ ./Configure shared $(CONFARGS) debian-$(DEB_HOST_ARCH)
++ #make -f Makefile depend
++ ln -sf apps/openssl.pod crypto/crypto.pod ssl/ssl.pod doc/
++# make -f Makefile linux-shared
++ make -f Makefile all
++# strip apps/openssl
++# make -f Makefile clean DIRS="crypto ssl"
++# ./Configure --prefix=/usr --openssldir=/usr/lib/ssl no-idea no-mdc2 no-rc5 debian-$(DEB_HOST_ARCH)
++# make -f Makefile all DIRS="crypto ssl"
++ touch build
++
++clean:
++ dh_testdir
++ dh_testroot
++ -rm -f build
++ -perl util/perlpath.pl /usr/bin
++ -./Configure $(CONFARGS) debian-$(DEB_HOST_ARCH)
++ -make -f Makefile clean clean-shared
++ #-make -f Makefile dclean
++ -perl util/perlpath.pl /usr/local/bin/perl
++# perl util/ssldir.pl /usr/local/ssl
++ -rm -f test/.rnd test/testkey.pem test/testreq.pem test/certCA.srl
++ -rm -f util/mk1mf.bak Makefile.bak `find . -name Makefile.save`
++ -rm -f crypto/pem/ctx_size
++ -rm -f `find . -name "*~"`
++ -rm -f `find . -name "*.orig" -o -name "*.rej"`
++ -rm -f certs/*.0 certs/*.1
++# -rm -rf debian/tmp debian/files* core `find debian/* -type d`
++ -rm -rf core $(OPTS)
++ -rm doc/*.pod
++ -rm -f libcrypto.* libssl.*
++ dh_clean
++
++binary-indep: build
++ dh_testdir
++ dh_testroot
++# There are no architecture-independent files to be uploaded
++# generated by this package. If there were any they would be
++# made here.
++
++binary-arch: build
++ dh_testdir
++ dh_testroot
++ dh_clean
++# -rm -rf debian/tmp `find debian/* -type d`
++# install -d debian/tmp debian/libssl0.9.7 debian/libssl0.9.7-dev
++# cd debian/tmp && install -d `cat ../dirs`
++# cd debian/libssl09 && install -d `cat ../libssl09.dirs`
++# cd debian/libssl09-dev && install -d `cat ../libssl09-dev.dirs`
++ dh_installdirs
++#openssl install
++ make -f Makefile install INSTALL_PREFIX=`pwd`/debian/tmp
++ rm debian/tmp/usr/share/man/man1/openssl.1
++ rm debian/tmp/usr/share/man/man3/crypto.3
++ rm debian/tmp/usr/share/man/man3/ssl.3
++# rm debian/tmp/usr/lib/libcrypto.a
++# rm debian/tmp/usr/lib/libssl.a
++ mv debian/tmp/usr/lib/libcrypto.a debian/tmp/usr/lib/libcrypto_pic.a
++ mv debian/tmp/usr/lib/libssl.a debian/tmp/usr/lib/libssl_pic.a
++ cp -pf libcrypto.static debian/tmp/usr/lib/libcrypto.a
++ cp -pf libssl.static debian/tmp/usr/lib/libssl.a
++# mv debian/tmp/usr/lib/ssl/bin debian/tmp/usr/bin/ssl
++# (cd debian/tmp/usr/lib/ssl; ln -s /usr/bin/ssl bin)
++# mv debian/tmp/usr/lib/ssl/include debian/tmp/usr/include/ssl
++# (cd debian/tmp/usr/lib/ssl; ln -s /usr/include/ssl include)
++# chmod -x debian/tmp/usr/lib/*.so.*
++# mv debian/tmp/usr/lib/*.a debian/libssl09-dev/usr/lib/
++# mv debian/tmp/usr/lib/*.so debian/libssl09-dev/usr/lib/
++# mv debian/tmp/usr/lib/*.so.*.*.* debian/libssl09/usr/lib/
++# mv debian/tmp/usr/lib/*.la debian/libssl09-dev/usr/lib/
++# mv debian/tmp/usr/include debian/libssl09-dev/usr/
++ mkdir -p debian/tmp/etc/ssl
++ mv debian/tmp/usr/lib/ssl/{certs,openssl.cnf,private} debian/tmp/etc/ssl/
++ ln -s /etc/ssl/{certs,openssl.cnf,private} debian/tmp/usr/lib/ssl/
++ cp -auv lib*.so* debian/tmp/usr/lib/
++# cp -auv lib*.a debian/tmp/usr/lib/
++ for opt in $(OPTS); do set -xe; mkdir -p debian/tmp/usr/lib/$$opt; cp -auv $$opt/lib*.so* debian/tmp/usr/lib/$$opt/; done
++ install debian/copyright debian/libssl0.9.7/usr/share/doc/libssl0.9.7/
++ install debian/changelog debian/libssl0.9.7/usr/share/doc/libssl0.9.7/changelog.Debian
++# install debian/copyright debian/libssl0.9.7-dev/usr/share/doc/libssl0.9.7-dev/
++# install debian/changelog debian/libssl0.9.7-dev/usr/share/doc/libssl0.9.7-dev/changelog.Debian
++# debstd -u CHANGES* LICENSE README NEWS
++ dh_installdocs CHANGES.SSLeay LICENSE README NEWS debian/README.optimization
++ dh_installexamples
++ dh_installchangelogs CHANGES
++# dh_installmenu
++# dh_installcron
++ dh_installdebconf
++# dh_undocumented c_rehash.1
++ dh_movefiles
++# rmdir debian/tmp/usr/lib/ssl/lib
++# rmdir debian/tmp/usr/include/openssl
++# rmdir debian/tmp/usr/include
++# for opt in $(OPTS); do set -xe; rm -fr debian/tmp/usr/lib/$$opt; done
++ dh_compress
++ dh_fixperms -X etc/ssl/private
++ dh_strip --dbg-package=libssl0.9.7
++ dh_perl -d
++# dh_suidregister
++ dh_shlibdeps -l`pwd` -Xlibssl.so
++ # Hack, to depend on version of libc6 which supports the i686 directory
++ if [ "${DEB_HOST_ARCH}" == "i386" ]; \
++ then \
++ SHLIB=`cat debian/libssl0.9.7.substvars`; \
++ LIBC_VERSION=`echo $$SHLIB | sed s'/.*libc6 (>= \(.*\))/\1/'`; \
++ if dpkg --compare-versions ${WANTED_LIBC_VERSION} gt $$LIBC_VERSION; \
++ then \
++ echo $$SHLIB | sed s'/libc6 (>= \(.*\))/libc6 (>= ${WANTED_LIBC_VERSION})/' > debian/libssl0.9.7.substvars; \
++ fi \
++ fi
++ dh_gencontrol
++ dh_makeshlibs -m 0.9.7
++ dh_installdeb
++ dh_md5sums
++ dh_builddeb
++ echo -en "\a"
++
++# Below here is fairly generic really
++
++binary: binary-indep binary-arch
++
++source diff:
++ @echo >&2 'source and diff are obsolete - use dpkg-source -b'; false
++
++.PHONY: binary binary-arch binary-indep clean
+--- openssl097-0.9.7g.orig/debian/libssl0.9.7.postinst
++++ openssl097-0.9.7g/debian/libssl0.9.7.postinst
+@@ -0,0 +1,139 @@
++#!/bin/sh -e
++
++. /usr/share/debconf/confmodule
++
++package_name()
++{
++ echo $(basename $0 .postinst)
++}
++
++# element() is a helper function for file-rc:
++element() {
++ local element list IFS
++
++ element="$1"
++
++ [ "$2" = "in" ] && shift
++ list="$2"
++ [ "$list" = "-" ] && return 1
++ [ "$list" = "*" ] && return 0
++
++ IFS=","
++ set -- $list
++ case $element in
++ "$1"|"$2"|"$3"|"$4"|"$5"|"$6"|"$7"|"$8"|"$9")
++ return 0
++ esac
++ return 1
++}
++
++# filerc (runlevel, service) returns /etc/init.d/service, if service is
++# running in $runlevel:
++filerc() {
++ local runlevel basename
++ runlevel=$1
++ basename=$2
++ while read LINE
++ do
++ case $LINE in
++ \#*|"") continue
++ esac
++
++ set -- $LINE
++ SORT_NO="$1"; STOP="$2"; START="$3"; CMD="$4"
++ [ "$CMD" = "/etc/init.d/$basename" ] || continue
++
++ if element "$runlevel" in "$START" || element "S" in "$START"
++ then
++ echo "/etc/init.d/$basename"
++ return 0
++ fi
++ done < /etc/runlevel.conf
++ echo ""
++}
++
++if [ "$1" = "configure" ]
++then
++ if [ ! -z "$2" ]; then
++ if dpkg --compare-versions "$2" lt 0.9.7d-1; then
++ echo -n "Checking for services that may need to be restarted..."
++
++ check="sendmail ssh"
++ check="$check apache2-common ssh-nonfree exim4"
++ check="$check apache-ssl libapache-mod-ssl openvpn spamassassin"
++ check="$check courier-imap-ssl courier-mta-ssl courier-pop-ssl"
++ check="$check postfix-tls cyrus21-imapd cyrus21-pop3d"
++ check="$check postgresql racoon"
++ # Only get the ones that are installed, and configured
++ check=$(dpkg -s $check 2> /dev/null | sed '/^$/{N;/^\n$/D;}' | awk 'BEGIN{RS="\n\n";FS="\n"}{if ( $2 ~ /Status: .* installed$/ ) { print $1 } }' | cut -f 2 -d ' ')
++ # apache2 ships its init script in apache2-common, but the
++ # script is apache2
++ check=$(echo $check | sed 's/apache2-common/apache2/g')
++ # For mod-ssl apache has to be restarted
++ check=$(echo $check | sed 's/libapache-mod-ssl/apache/g')
++ rl=$(runlevel | awk '{print $2}')
++ for service in $check; do
++ if [ -f /usr/share/file-rc/rc -o -f /usr/lib/file-rc/rc ] && [ -f /etc/runlevel.conf ]; then
++ idl=$(filerc $rl $service)
++ else
++ idl=$(ls /etc/rc${rl}.d/S??${service} 2> /dev/null | head -n 1)
++ fi
++ if [ -n "$idl" ] && [ -x $idl ]; then
++ services="$service $services"
++ fi
++ done
++ echo "done."
++ if [ -n "$services" ]; then
++ db_version 2.0
++
++ db_reset libssl0.9.7/restart-services
++ db_set libssl0.9.7/restart-services "$services"
++ db_input critical libssl0.9.7/restart-services || true
++ db_go || true
++ db_get libssl0.9.7/restart-services
++ # Arghhh, close all the stupid debconf pipes
++ db_stop
++
++ if [ "x$RET" != "x" ]
++ then
++ services=$RET
++ answer=yes
++ else
++ answer=no
++ fi
++ echo
++ if [ "$answer" = yes ] && [ "$services" != "" ]; then
++ echo "Restarting services possibly affected by the upgrade:"
++ failed=""
++ for service in $services; do
++ idl=$(ls /etc/rc${rl}.d/S??${service} 2> /dev/null | head -n 1)
++ echo -n " $service: stopping..."
++ $idl stop > /dev/null 2>&1 || true
++ sleep 1
++ echo -n "starting..."
++ if $idl start > /dev/null 2>&1; then
++ echo "done."
++ else
++ echo "FAILED! ($?)"
++ failed="$service $failed"
++ fi
++ done
++ echo
++ if [ -n "$failed" ]; then
++ # Ruh roh, George
++ echo "The following services failed to start: $failed"
++ echo
++ echo "You will need to start these manually by running \`/etc/init.d/<service> start'"
++ echo "If the service still fails to start, you may need to file a bug on"
++ echo "$(package_name) or the service involved."
++ else
++ echo "Services restarted successfully."
++ fi
++ echo
++ fi
++ fi
++ fi # end upgrading and $2 lt 0.9.7c-1
++ fi # Upgrading
++fi
++
++#DEBHELPER#
+--- openssl097-0.9.7g.orig/debian/watch
++++ openssl097-0.9.7g/debian/watch
+@@ -0,0 +1,2 @@
++version=2
++ftp://ftp.openssl.org/source/openssl-(\d+\.\d+\.\d+[a-z]?)\.tar\.gz debian uupdate
+--- openssl097-0.9.7g.orig/debian/libssl0.9.7.preinst
++++ openssl097-0.9.7g/debian/libssl0.9.7.preinst
+@@ -0,0 +1,3 @@
++#!/bin/sh -e
++
++#DEBHELPER#
+--- openssl097-0.9.7g.orig/debian/libssl0.9.7.prerm
++++ openssl097-0.9.7g/debian/libssl0.9.7.prerm
+@@ -0,0 +1,3 @@
++#!/bin/sh -e
++
++#DEBHELPER#
+--- openssl097-0.9.7g.orig/debian/copyright
++++ openssl097-0.9.7g/debian/copyright
+@@ -0,0 +1,135 @@
++This package was debianized by Christoph Martin martin@uni-mainz.de on
++Fri, 22 Nov 1996 21:29:51 +0100.
++
++Copyright (c) 1998-2004 The OpenSSL Project
++Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson
++
++The upstream sources were obtained from http://www.openssl.org/
++
++
++ LICENSE ISSUES
++ ==============
++
++ The OpenSSL toolkit stays under a dual license, i.e. both the conditions of
++ the OpenSSL License and the original SSLeay license apply to the toolkit.
++ See below for the actual license texts. Actually both licenses are BSD-style
++ Open Source licenses. In case of any license issues related to OpenSSL
++ please contact openssl-core@openssl.org.
++
++ OpenSSL License
++ ---------------
++
++/* ====================================================================
++ * Copyright (c) 1998-2004 The OpenSSL Project. All rights reserved.
++ *
++ * Redistribution and use in source and binary forms, with or without
++ * modification, are permitted provided that the following conditions
++ * are met:
++ *
++ * 1. Redistributions of source code must retain the above copyright
++ * notice, this list of conditions and the following disclaimer.
++ *
++ * 2. Redistributions in binary form must reproduce the above copyright
++ * notice, this list of conditions and the following disclaimer in
++ * the documentation and/or other materials provided with the
++ * distribution.
++ *
++ * 3. All advertising materials mentioning features or use of this
++ * software must display the following acknowledgment:
++ * "This product includes software developed by the OpenSSL Project
++ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
++ *
++ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
++ * endorse or promote products derived from this software without
++ * prior written permission. For written permission, please contact
++ * openssl-core@openssl.org.
++ *
++ * 5. Products derived from this software may not be called "OpenSSL"
++ * nor may "OpenSSL" appear in their names without prior written
++ * permission of the OpenSSL Project.
++ *
++ * 6. Redistributions of any form whatsoever must retain the following
++ * acknowledgment:
++ * "This product includes software developed by the OpenSSL Project
++ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
++ *
++ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
++ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
++ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
++ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
++ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
++ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
++ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
++ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
++ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
++ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
++ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
++ * OF THE POSSIBILITY OF SUCH DAMAGE.
++ * ====================================================================
++ *
++ * This product includes cryptographic software written by Eric Young
++ * (eay@cryptsoft.com). This product includes software written by Tim
++ * Hudson (tjh@cryptsoft.com).
++ *
++ */
++
++ Original SSLeay License
++ -----------------------
++
++/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
++ * All rights reserved.
++ *
++ * This package is an SSL implementation written
++ * by Eric Young (eay@cryptsoft.com).
++ * The implementation was written so as to conform with Netscapes SSL.
++ *
++ * This library is free for commercial and non-commercial use as long as
++ * the following conditions are aheared to. The following conditions
++ * apply to all code found in this distribution, be it the RC4, RSA,
++ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
++ * included with this distribution is covered by the same copyright terms
++ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
++ *
++ * Copyright remains Eric Young's, and as such any Copyright notices in
++ * the code are not to be removed.
++ * If this package is used in a product, Eric Young should be given attribution
++ * as the author of the parts of the library used.
++ * This can be in the form of a textual message at program startup or
++ * in documentation (online or textual) provided with the package.
++ *
++ * Redistribution and use in source and binary forms, with or without
++ * modification, are permitted provided that the following conditions
++ * are met:
++ * 1. Redistributions of source code must retain the copyright
++ * notice, this list of conditions and the following disclaimer.
++ * 2. Redistributions in binary form must reproduce the above copyright
++ * notice, this list of conditions and the following disclaimer in the
++ * documentation and/or other materials provided with the distribution.
++ * 3. All advertising materials mentioning features or use of this software
++ * must display the following acknowledgement:
++ * "This product includes cryptographic software written by
++ * Eric Young (eay@cryptsoft.com)"
++ * The word 'cryptographic' can be left out if the rouines from the library
++ * being used are not cryptographic related :-).
++ * 4. If you include any Windows specific code (or a derivative thereof) from
++ * the apps directory (application code) you must include an acknowledgement:
++ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
++ *
++ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
++ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
++ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
++ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
++ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
++ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
++ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
++ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
++ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
++ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
++ * SUCH DAMAGE.
++ *
++ * The licence and distribution terms for any publically available version or
++ * derivative of this code cannot be changed. i.e. this code cannot simply be
++ * copied and put under another distribution licence
++ * [including the GNU Public Licence.]
++ */
++
+--- openssl097-0.9.7g.orig/debian/shlibs.local
++++ openssl097-0.9.7g/debian/shlibs.local
+@@ -0,0 +1,2 @@
++libcrypto 0.9.7 libssl0.9.7
++libssl 0.9.7 libssl0.9.7
+--- openssl097-0.9.7g.orig/debian/README.debian
++++ openssl097-0.9.7g/debian/README.debian
+@@ -0,0 +1,52 @@
++openssl for DEBIAN
++----------------------
++
++openssl replaces ssleay.
++
++The application links to openssl like req, ca, verify and s_client
++have been removed.
++
++Instead of `<application>` please call now `openssl <application>`
++
++eg:
++instead of `req` please call `openssl req`
++
++NOTE: The libssl library version for debian-i386 is optimized for
++486-processors and better. It will not run on 386-processors.
++
++----
++Self-signed certs and webservers:
++
++If you get with a selfsigned certificate and a webserver:
++ > "The certificate is not approved for the attempted operation."
++
++Bodo_Moeller@public.uni-hamburg.de (Bodo Moeller) writes:
++>Probably you are using a CA certificate for your server; if you use
++>"openssl req" to generate a new key and self-signed certificate with
++>the default openssl.cnf, the certificate you get includes certain
++>X.509v3 extensions that make it unfit for use as a server certificate.
++>This was not so with earlier versions of the software because back
++>then there was far less X.509v3 support.
++>
++>To look at the certificate some HTTPS server presents to its cliens,
++>use "openssl s_client -port 443 -host your.server", store the output
++>(at least the part from "-----BEGIN CERTIFICATE-----" up to "-----END
++>CERTIFICATE-----", including these separators) in a file and use
++>"openssl x509 -in the_file_you_just_stored -text" to look at it in
++>readable form. If it has in the "X509v3 extensions section" any of
++>the following entries, it is not usable as a server certificate:
++>
++> X509v3 Basic Constraints:
++> CA:TRUE
++>
++> X509v3 Key Usage:
++> Certificate Sign, CRL Sign
++>
++>To quickly create a new server key and certificate that works with
++>Netscape, you can just copy the original openssl.cnf file and comment
++>out the "x509_extensions" entry in the "[ req ]" section.
++>The, use "openssl req ..." as before to create a new certificate and
++>key.
++
++
++Christoph Martin <martin@uni-mainz.de>, Wed, 31 Mar 1999 16:00:51 +0200
diff --git a/recipes/openssl/openssl-0.9.7g/debian.patch.lock b/recipes/openssl/openssl-0.9.7g/debian.patch.lock
new file mode 100644
index 0000000000..e69de29bb2
--- /dev/null
+++ b/recipes/openssl/openssl-0.9.7g/debian.patch.lock
diff --git a/recipes/openssl/openssl-0.9.7g/gnueabi-arm.patch b/recipes/openssl/openssl-0.9.7g/gnueabi-arm.patch
new file mode 100644
index 0000000000..be0adbdea7
--- /dev/null
+++ b/recipes/openssl/openssl-0.9.7g/gnueabi-arm.patch
@@ -0,0 +1,15 @@
+
+#
+# Patch managed by http://www.mn-logistik.de/unsupported/pxa250/patcher
+#
+
+--- openssl-0.9.7e/Configure~gnueabi-arm 2006-03-19 21:04:31.000000000 +0100
++++ openssl-0.9.7e/Configure 2006-03-19 21:07:22.000000000 +0100
+@@ -462,6 +462,7 @@
+ # Linux on ARM
+ "linux-elf-arm","gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+ "linux-elf-armeb","gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"linux-gnueabi-arm","gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+
+ # SCO/Caldera targets.
+ #
diff --git a/recipes/openssl/openssl-0.9.7g/gnueabi-arm.patch.lock b/recipes/openssl/openssl-0.9.7g/gnueabi-arm.patch.lock
new file mode 100644
index 0000000000..e69de29bb2
--- /dev/null
+++ b/recipes/openssl/openssl-0.9.7g/gnueabi-arm.patch.lock
diff --git a/recipes/openssl/openssl-0.9.7g/gnueabi-armeb.patch b/recipes/openssl/openssl-0.9.7g/gnueabi-armeb.patch
new file mode 100644
index 0000000000..38f725b789
--- /dev/null
+++ b/recipes/openssl/openssl-0.9.7g/gnueabi-armeb.patch
@@ -0,0 +1,10 @@
+--- openssl-0.9.7g/Configure~ 2007-07-07 21:08:27.000000000 +0930
++++ openssl-0.9.7g/Configure 2007-07-07 21:13:41.000000000 +0930
+@@ -477,6 +477,7 @@
+ "linux-elf-arm","gcc:-DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+ "linux-elf-armeb","gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+ "linux-gnueabi-arm","gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"linux-gnueabi-armeb","gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+
+ # SCO/Caldera targets.
+ #
diff --git a/recipes/openssl/openssl-0.9.7g/gnueabi-armeb.patch.lock b/recipes/openssl/openssl-0.9.7g/gnueabi-armeb.patch.lock
new file mode 100644
index 0000000000..e69de29bb2
--- /dev/null
+++ b/recipes/openssl/openssl-0.9.7g/gnueabi-armeb.patch.lock
diff --git a/recipes/openssl/openssl-0.9.7g/uclibcgnueabi.patch b/recipes/openssl/openssl-0.9.7g/uclibcgnueabi.patch
new file mode 100644
index 0000000000..d89bfdeec9
--- /dev/null
+++ b/recipes/openssl/openssl-0.9.7g/uclibcgnueabi.patch
@@ -0,0 +1,12 @@
+--- /tmp/Configure.patched 2007-08-27 18:34:23.412489103 +0200
++++ openssl-0.9.7g/Configure 2007-08-27 18:35:05.134866725 +0200
+@@ -478,6 +478,9 @@
+ "linux-elf-armeb","gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+ "linux-gnueabi-arm","gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+ "linux-gnueabi-armeb","gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"linux-uclibcgnueabi-arm","gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"linux-uclibcgnueabi-armeb","gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++
+
+ # SCO/Caldera targets.
+ #
diff --git a/recipes/openssl/openssl-0.9.7m/armeb.patch b/recipes/openssl/openssl-0.9.7m/armeb.patch
new file mode 100644
index 0000000000..7539506949
--- /dev/null
+++ b/recipes/openssl/openssl-0.9.7m/armeb.patch
@@ -0,0 +1,18 @@
+--- Configure.orig 2006-03-22 16:29:20.000000000 +0100
++++ Configure 2006-03-22 16:31:44.000000000 +0100
+@@ -395,6 +395,7 @@
+ "debian-alpha-ev4","gcc:-DTERMIO -O3 -mcpu=ev4 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_UNROLL:${alpha_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+ "debian-alpha-ev5","gcc:-DTERMIO -O3 -mcpu=ev5 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_UNROLL:${alpha_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+ "debian-arm","gcc:-DL_ENDIAN -DTERMIO -O2 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-armeb","gcc:-DB_ENDIAN -DTERMIO -O2 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+ #"debian-amd64","gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+ "debian-amd64", "gcc:-m64 -DL_ENDIAN -DTERMIO -O3 -Wall -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK RC4_CHAR BF_PTR2 DES_INT DES_UNROLL:asm/x86_64-gcc.o:::::::::dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+ #"debian-freebsd-alpha","gcc:-DTERMIOS -O -fomit-frame-pointer::(unknown):::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_PTR DES_RISC2::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+@@ -474,6 +475,7 @@
+ # ARM comes in both little- and big-endian flavors. The following line is
+ # endian neutral, but ./config is free to throw in -D[BL]_ENDIAN...
+ "linux-elf-arm","gcc:-DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"linux-elf-armeb","gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+
+ # SCO/Caldera targets.
+ #
diff --git a/recipes/openssl/openssl-0.9.7m/avr32.patch b/recipes/openssl/openssl-0.9.7m/avr32.patch
new file mode 100644
index 0000000000..b6ac81b717
--- /dev/null
+++ b/recipes/openssl/openssl-0.9.7m/avr32.patch
@@ -0,0 +1,10 @@
+--- Configure~ 2008-01-23 17:44:04.000000000 +0100
++++ Configure 2008-01-23 17:44:04.000000000 +0100
+@@ -442,6 +442,7 @@
+ "linux-mips", "gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL DES_RISC2::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+ "linux-ppc", "gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:asm/linux_ppc32.o:::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+ # -bpowerpc64-linux is transient option, -m64 should be the one to use...
++"linux-avr32","gcc:-DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).",
+ "linux-ppc64", "gcc:-bpowerpc64-linux -DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:asm/linux_ppc64.o:::::::::dlfcn:linux-shared:-fPIC:-bpowerpc64-linux:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+ "linux-m68k", "gcc:-DB_ENDIAN -DTERMIO -O2 -fomit-frame-pointer -Wall::-D_REENTRANT:::BN_LLONG::",
+ "linux-s390", "gcc:-DB_ENDIAN -DTERMIO -DNO_ASM -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
diff --git a/recipes/openssl/openssl-0.9.7m/debian.patch b/recipes/openssl/openssl-0.9.7m/debian.patch
new file mode 100644
index 0000000000..f5fd51bf36
--- /dev/null
+++ b/recipes/openssl/openssl-0.9.7m/debian.patch
@@ -0,0 +1,832 @@
+Index: openssl-0.9.7m/tools/c_rehash.in
+===================================================================
+--- openssl-0.9.7m.orig/tools/c_rehash.in 2002-10-11 22:35:45.000000000 +0200
++++ openssl-0.9.7m/tools/c_rehash.in 2008-04-12 02:37:45.000000000 +0200
+@@ -1,4 +1,4 @@
+-#!/usr/local/bin/perl
++#!/usr/bin/perl
+
+
+ # Perl c_rehash script, scan all files in a directory
+Index: openssl-0.9.7m/tools/c_rehash
+===================================================================
+--- openssl-0.9.7m.orig/tools/c_rehash 2007-02-23 13:52:38.000000000 +0100
++++ openssl-0.9.7m/tools/c_rehash 2008-04-12 02:37:45.000000000 +0200
+@@ -6,7 +6,7 @@
+
+ my $openssl;
+
+-my $dir = "/usr/local/ssl";
++my $dir = "/usr/lib/ssl";
+
+ if(defined $ENV{OPENSSL}) {
+ $openssl = $ENV{OPENSSL};
+Index: openssl-0.9.7m/crypto/md5/asm/md5-sparcv9.S
+===================================================================
+--- openssl-0.9.7m.orig/crypto/md5/asm/md5-sparcv9.S 2003-05-30 00:22:34.000000000 +0200
++++ openssl-0.9.7m/crypto/md5/asm/md5-sparcv9.S 2008-04-12 02:37:45.000000000 +0200
+@@ -74,14 +74,14 @@
+ #define Dval R8
+
+ #if defined(MD5_BLOCK_DATA_ORDER)
+-# if defined(OPENSSL_SYSNAME_ULTRASPARC)
++/*# if defined(OPENSSL_SYSNAME_ULTRASPARC)*/
+ # define LOAD lda
+ # define X(i) [%i1+i*4]%asi
+ # define md5_block md5_block_asm_data_order_aligned
+ # define ASI_PRIMARY_LITTLE 0x88
+-# else
++/*# else
+ # error "MD5_BLOCK_DATA_ORDER is supported only on UltraSPARC!"
+-# endif
++# endif*/
+ #else
+ # define LOAD ld
+ # define X(i) [%i1+i*4]
+Index: openssl-0.9.7m/crypto/pkcs7/pk7_mime.c
+===================================================================
+--- openssl-0.9.7m.orig/crypto/pkcs7/pk7_mime.c 2005-05-01 14:47:33.000000000 +0200
++++ openssl-0.9.7m/crypto/pkcs7/pk7_mime.c 2008-04-12 02:37:45.000000000 +0200
+@@ -297,9 +297,9 @@
+
+ if(strcmp(hdr->value, "application/x-pkcs7-signature") &&
+ strcmp(hdr->value, "application/pkcs7-signature")) {
+- sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
+ PKCS7err(PKCS7_F_SMIME_READ_PKCS7,PKCS7_R_SIG_INVALID_MIME_TYPE);
+ ERR_add_error_data(2, "type: ", hdr->value);
++ sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
+ sk_BIO_pop_free(parts, BIO_vfree);
+ return NULL;
+ }
+Index: openssl-0.9.7m/crypto/dsa/dsa_ossl.c
+===================================================================
+--- openssl-0.9.7m.orig/crypto/dsa/dsa_ossl.c 2006-09-28 13:53:49.000000000 +0200
++++ openssl-0.9.7m/crypto/dsa/dsa_ossl.c 2008-04-12 02:37:45.000000000 +0200
+@@ -286,6 +286,18 @@
+ return -1;
+ }
+
++ if (BN_num_bits(dsa->q) != 160)
++ {
++ DSAerr(DSA_F_DSA_DO_VERIFY,DSA_R_BAD_Q_VALUE);
++ return -1;
++ }
++
++ if (BN_num_bits(dsa->p) > OPENSSL_DSA_MAX_MODULUS_BITS)
++ {
++ DSAerr(DSA_F_DSA_DO_VERIFY,DSA_R_MODULUS_TOO_LARGE);
++ return -1;
++ }
++
+ BN_init(&u1);
+ BN_init(&u2);
+ BN_init(&t1);
+Index: openssl-0.9.7m/crypto/dsa/dsa.h
+===================================================================
+--- openssl-0.9.7m.orig/crypto/dsa/dsa.h 2006-09-28 13:53:49.000000000 +0200
++++ openssl-0.9.7m/crypto/dsa/dsa.h 2008-04-12 02:37:45.000000000 +0200
+@@ -83,6 +83,10 @@
+ # define OPENSSL_DSA_MAX_MODULUS_BITS 10000
+ #endif
+
++#ifndef OPENSSL_DSA_MAX_MODULUS_BITS
++# define OPENSSL_DSA_MAX_MODULUS_BITS 10000
++#endif
++
+ #define DSA_FLAG_CACHE_MONT_P 0x01
+ #define DSA_FLAG_NO_EXP_CONSTTIME 0x02 /* new with 0.9.7h; the built-in DSA
+ * implementation now uses constant time
+Index: openssl-0.9.7m/crypto/rc4/asm/rc4-x86_64.pl
+===================================================================
+--- openssl-0.9.7m.orig/crypto/rc4/asm/rc4-x86_64.pl 2005-05-04 18:12:07.000000000 +0200
++++ openssl-0.9.7m/crypto/rc4/asm/rc4-x86_64.pl 2008-04-12 02:37:45.000000000 +0200
+@@ -1,4 +1,4 @@
+-#!/usr/bin/env perl
++#!/usr/local/bin/perl
+ #
+ # ====================================================================
+ # Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
+Index: openssl-0.9.7m/crypto/asn1/charmap.pl
+===================================================================
+--- openssl-0.9.7m.orig/crypto/asn1/charmap.pl 2000-07-28 03:58:11.000000000 +0200
++++ openssl-0.9.7m/crypto/asn1/charmap.pl 2008-04-12 02:37:45.000000000 +0200
+@@ -1,4 +1,4 @@
+-#!/usr/local/bin/perl -w
++#!/usr/local/bin/perl
+
+ use strict;
+
+Index: openssl-0.9.7m/crypto/sha/asm/sha1-ia64.pl
+===================================================================
+--- openssl-0.9.7m.orig/crypto/sha/asm/sha1-ia64.pl 2004-12-09 21:55:52.000000000 +0100
++++ openssl-0.9.7m/crypto/sha/asm/sha1-ia64.pl 2008-04-12 02:37:45.000000000 +0200
+@@ -1,4 +1,4 @@
+-#!/usr/bin/env perl
++#!/usr/local/bin/perl
+ #
+ # ====================================================================
+ # Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
+Index: openssl-0.9.7m/crypto/bn/asm/ppc.pl
+===================================================================
+--- openssl-0.9.7m.orig/crypto/bn/asm/ppc.pl 2005-07-03 11:24:35.000000000 +0200
++++ openssl-0.9.7m/crypto/bn/asm/ppc.pl 2008-04-12 02:37:45.000000000 +0200
+@@ -1,4 +1,4 @@
+-#!/usr/bin/env perl
++#!/usr/local/bin/perl
+ #
+ # Implemented as a Perl wrapper as we want to support several different
+ # architectures with single file. We pick up the target based on the
+Index: openssl-0.9.7m/crypto/rsa/rsa_eay.c
+===================================================================
+--- openssl-0.9.7m.orig/crypto/rsa/rsa_eay.c 2006-12-04 21:41:46.000000000 +0100
++++ openssl-0.9.7m/crypto/rsa/rsa_eay.c 2008-04-12 02:37:45.000000000 +0200
+@@ -336,6 +336,28 @@
+ int local_blinding = 0;
+ BN_BLINDING *blinding = NULL;
+
++ if (BN_num_bits(rsa->n) > OPENSSL_RSA_MAX_MODULUS_BITS)
++ {
++ RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT, RSA_R_MODULUS_TOO_LARGE);
++ return -1;
++ }
++
++ if (BN_ucmp(rsa->n, rsa->e) <= 0)
++ {
++ RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT, RSA_R_BAD_E_VALUE);
++ return -1;
++ }
++
++ /* for large moduli, enforce exponent limit */
++ if (BN_num_bits(rsa->n) > OPENSSL_RSA_SMALL_MODULUS_BITS)
++ {
++ if (BN_num_bits(rsa->e) > OPENSSL_RSA_MAX_PUBEXP_BITS)
++ {
++ RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT, RSA_R_BAD_E_VALUE);
++ return -1;
++ }
++ }
++
+ BN_init(&f);
+ BN_init(&ret);
+
+@@ -644,6 +666,28 @@
+ }
+ }
+
++ if (BN_num_bits(rsa->n) > OPENSSL_RSA_MAX_MODULUS_BITS)
++ {
++ RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT, RSA_R_MODULUS_TOO_LARGE);
++ return -1;
++ }
++
++ if (BN_ucmp(rsa->n, rsa->e) <= 0)
++ {
++ RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT, RSA_R_BAD_E_VALUE);
++ return -1;
++ }
++
++ /* for large moduli, enforce exponent limit */
++ if (BN_num_bits(rsa->n) > OPENSSL_RSA_SMALL_MODULUS_BITS)
++ {
++ if (BN_num_bits(rsa->e) > OPENSSL_RSA_MAX_PUBEXP_BITS)
++ {
++ RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT, RSA_R_BAD_E_VALUE);
++ return -1;
++ }
++ }
++
+ BN_init(&f);
+ BN_init(&ret);
+ ctx=BN_CTX_new();
+Index: openssl-0.9.7m/crypto/rsa/rsa.h
+===================================================================
+--- openssl-0.9.7m.orig/crypto/rsa/rsa.h 2006-09-28 13:53:50.000000000 +0200
++++ openssl-0.9.7m/crypto/rsa/rsa.h 2008-04-12 02:37:45.000000000 +0200
+@@ -165,6 +165,17 @@
+ # define OPENSSL_RSA_MAX_PUBEXP_BITS 64 /* exponent limit enforced for "large" modulus only */
+ #endif
+
++#ifndef OPENSSL_RSA_MAX_MODULUS_BITS
++# define OPENSSL_RSA_MAX_MODULUS_BITS 16384
++#endif
++
++#ifndef OPENSSL_RSA_SMALL_MODULUS_BITS
++# define OPENSSL_RSA_SMALL_MODULUS_BITS 3072
++#endif
++#ifndef OPENSSL_RSA_MAX_PUBEXP_BITS
++# define OPENSSL_RSA_MAX_PUBEXP_BITS 64 /* exponent limit enforced for "small" modulus only */
++#endif
++
+ #define RSA_3 0x3L
+ #define RSA_F4 0x10001L
+
+Index: openssl-0.9.7m/crypto/opensslconf.h
+===================================================================
+--- openssl-0.9.7m.orig/crypto/opensslconf.h 2007-02-23 13:52:32.000000000 +0100
++++ openssl-0.9.7m/crypto/opensslconf.h 2008-04-12 02:37:45.000000000 +0200
+@@ -4,17 +4,38 @@
+ /* OpenSSL was configured with the following options: */
+ #ifndef OPENSSL_DOING_MAKEDEPEND
+
++#ifndef OPENSSL_NO_IDEA
++# define OPENSSL_NO_IDEA
++#endif
++#ifndef OPENSSL_NO_MDC2
++# define OPENSSL_NO_MDC2
++#endif
++#ifndef OPENSSL_NO_RC5
++# define OPENSSL_NO_RC5
++#endif
+ #ifndef OPENSSL_NO_KRB5
+ # define OPENSSL_NO_KRB5
+ #endif
+
+ #endif /* OPENSSL_DOING_MAKEDEPEND */
++#ifndef OPENSSL_THREADS
++# define OPENSSL_THREADS
++#endif
+
+ /* The OPENSSL_NO_* macros are also defined as NO_* if the application
+ asks for it. This is a transient feature that is provided for those
+ who haven't had the time to do the appropriate changes in their
+ applications. */
+ #ifdef OPENSSL_ALGORITHM_DEFINES
++# if defined(OPENSSL_NO_IDEA) && !defined(NO_IDEA)
++# define NO_IDEA
++# endif
++# if defined(OPENSSL_NO_MDC2) && !defined(NO_MDC2)
++# define NO_MDC2
++# endif
++# if defined(OPENSSL_NO_RC5) && !defined(NO_RC5)
++# define NO_RC5
++# endif
+ # if defined(OPENSSL_NO_KRB5) && !defined(NO_KRB5)
+ # define NO_KRB5
+ # endif
+@@ -27,7 +48,7 @@
+
+ #if !(defined(VMS) || defined(__VMS)) /* VMS uses logical names instead */
+ #if defined(HEADER_CRYPTLIB_H) && !defined(OPENSSLDIR)
+-#define OPENSSLDIR "/usr/local/ssl"
++#define OPENSSLDIR "/usr/lib/ssl"
+ #endif
+ #endif
+
+@@ -79,7 +100,7 @@
+
+ #if defined(HEADER_BN_H) && !defined(CONFIG_HEADER_BN_H)
+ #define CONFIG_HEADER_BN_H
+-#undef BN_LLONG
++#define BN_LLONG
+
+ /* Should we define BN_DIV2W here? */
+
+@@ -98,7 +119,7 @@
+ #define CONFIG_HEADER_RC4_LOCL_H
+ /* if this is defined data[i] is used instead of *data, this is a %20
+ * speedup on x86 */
+-#undef RC4_INDEX
++#define RC4_INDEX
+ #endif
+
+ #if defined(HEADER_BF_LOCL_H) && !defined(CONFIG_HEADER_BF_LOCL_H)
+@@ -112,14 +133,14 @@
+ /* the following is tweaked from a config script, that is why it is a
+ * protected undef/define */
+ #ifndef DES_PTR
+-#undef DES_PTR
++#define DES_PTR
+ #endif
+
+ /* This helps C compiler generate the correct code for multiple functional
+ * units. It reduces register dependancies at the expense of 2 more
+ * registers */
+ #ifndef DES_RISC1
+-#undef DES_RISC1
++#define DES_RISC1
+ #endif
+
+ #ifndef DES_RISC2
+@@ -133,7 +154,7 @@
+ /* Unroll the inner loop, this sometimes helps, sometimes hinders.
+ * Very mucy CPU dependant */
+ #ifndef DES_UNROLL
+-#undef DES_UNROLL
++#define DES_UNROLL
+ #endif
+
+ /* These default values were supplied by
+Index: openssl-0.9.7m/ms/fipscheck.pl
+===================================================================
+--- openssl-0.9.7m.orig/ms/fipscheck.pl 2006-01-28 14:34:27.000000000 +0100
++++ openssl-0.9.7m/ms/fipscheck.pl 2008-04-12 02:37:45.000000000 +0200
+@@ -1,4 +1,4 @@
+-#!/usr/bin/perl
++#!/usr/local/bin/perl
+
+ # fipscheck.pl
+ # sample perl script to check integrity of critical FIPS files
+Index: openssl-0.9.7m/Configure
+===================================================================
+--- openssl-0.9.7m.orig/Configure 2007-02-22 23:30:49.000000000 +0100
++++ openssl-0.9.7m/Configure 2008-04-12 02:37:45.000000000 +0200
+@@ -1,4 +1,4 @@
+-:
++#!/usr/local/bin/perl
+ eval 'exec perl -S $0 ${1+"$@"}'
+ if $running_under_some_shell;
+ ##
+@@ -390,6 +390,43 @@
+ # assembler versions -- currently defunct:
+ ##"OpenBSD-alpha","gcc:-DTERMIOS -O3 -fomit-frame-pointer:::(unknown):SIXTY_FOUR_BIT_LONG DES_INT DES_PTR DES_RISC2:${alpha_asm}",
+
++# Debian GNU/* (various architectures)
++"debian-alpha","gcc:-DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_UNROLL:${alpha_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-alpha-ev4","gcc:-DTERMIO -O3 -mcpu=ev4 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_UNROLL:${alpha_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-alpha-ev5","gcc:-DTERMIO -O3 -mcpu=ev5 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_UNROLL:${alpha_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-arm","gcc:-DL_ENDIAN -DTERMIO -O2 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++#"debian-amd64","gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-amd64", "gcc:-m64 -DL_ENDIAN -DTERMIO -O3 -Wall -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK RC4_CHAR BF_PTR2 DES_INT DES_UNROLL:asm/x86_64-gcc.o:::::::::dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++#"debian-freebsd-alpha","gcc:-DTERMIOS -O -fomit-frame-pointer::(unknown):::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_PTR DES_RISC2::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-kfreebsd-i386","gcc:-DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -m486 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-hppa","gcc:-DB_ENDIAN -DTERMIO -O2 -Wall::-D_REENTRANT::-ldl:BN_LLONG MD2_CHAR RC4_INDEX::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-hurd-i386","gcc:-DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -m486 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-ia64","gcc:-DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK RC4_CHAR:asm/ia64.o:::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++#"debian-i386","gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::dlfcn:linux-shared:-fPIC",
++"debian-i386","gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-i386-i486","gcc:-DL_ENDIAN -DTERMIO -O3 -march=i486 -mcpu=i486 -Wa,--noexecstack -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-i386-i586","gcc:-DL_ENDIAN -DTERMIO -O3 -march=i586 -mcpu=i586 -Wa,--noexecstack -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-i386-i686/cmov","gcc:-DL_ENDIAN -DTERMIO -O3 -march=i686 -mcpu=i686 -Wa,--noexecstack -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-m68k","gcc:-DB_ENDIAN -DTERMIO -O2 -Wall::-D_REENTRANT::-ldl:BN_LLONG MD2_CHAR RC4_INDEX::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-mips", "gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL DES_RISC2::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-mipsel", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL DES_RISC2::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-netbsd-i386", "gcc:-DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -m486 -Wall::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-netbsd-m68k", "gcc:-DB_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -Wall::(unknown):::BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-netbsd-sparc", "gcc:-DB_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -mv8 -Wall::(unknown):::BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-openbsd-alpha","gcc:-DTERMIOS -O3 -fomit-frame-pointer::(unknown):::SIXTY_FOUR_BIT_LONG DES_INT DES_PTR DES_RISC2::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-openbsd-i386", "gcc:-DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -m486::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_out_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-openbsd-mips","gcc:-O2 -DL_ENDIAN::(unknown)::BN_LLONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC2 DES_PTR BF_PTR:::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-powerpc","gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_UNROLL DES_RISC2 DES_PTR MD2_CHAR RC4_INDEX::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-ppc64","gcc:-m64 -DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:asm/linux_ppc64.o:::::::::dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-s390","gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-sh3", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-sh4", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-sh3eb", "gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-sh4eb", "gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-sparc","gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-sparc-v8","gcc:-DB_ENDIAN -DTERMIO -O3 -mcpu=v8 -fomit-frame-pointer -Wall -DBN_DIV2W::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8.o:::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-sparc-v9","gcc:-DB_ENDIAN -DTERMIO -O3 -mcpu=v9 -Wa,-Av8plus -fomit-frame-pointer -Wall -DULTRASPARC -DBN_DIV2W::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8plus.o:::asm/md5-sparcv8plus.o::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++
+ # The intel boxes :-), It would be worth seeing if bsdi-gcc can use the
+ # bn86-elf.o file file since it is hand tweaked assembler.
+ "linux-elf", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+Index: openssl-0.9.7m/os2/backwardify.pl
+===================================================================
+--- openssl-0.9.7m.orig/os2/backwardify.pl 2003-11-28 15:51:17.000000000 +0100
++++ openssl-0.9.7m/os2/backwardify.pl 2008-04-12 02:37:45.000000000 +0200
+@@ -1,4 +1,4 @@
+-#!/usr/bin/perl -w
++#!/usr/local/bin/perl
+ use strict;
+
+ # Use as $0
+Index: openssl-0.9.7m/Makefile.org
+===================================================================
+--- openssl-0.9.7m.orig/Makefile.org 2007-01-16 20:30:19.000000000 +0100
++++ openssl-0.9.7m/Makefile.org 2008-04-12 02:37:45.000000000 +0200
+@@ -57,6 +57,7 @@
+ # equal 4.
+ # PKCS1_CHECK - pkcs1 tests.
+
++#TOP=$(shell pwd)
+ CC= gcc
+ #CFLAG= -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall -Wuninitialized -DSHA1_ASM -DMD5_ASM -DRMD160_ASM
+ CFLAG= -DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall -DSHA1_ASM -DMD5_ASM -DRMD160_ASM
+@@ -195,7 +196,7 @@
+ # we might set SHLIB_MARK to '$(SHARED_LIBS)'.
+ SHLIB_MARK=
+
+-DIRS= crypto fips-1.0 ssl $(SHLIB_MARK) apps test tools
++DIRS= crypto fips-1.0 ssl $(SHLIB_MARK) apps doc tools
+ SHLIBDIRS= crypto ssl
+
+ # dirs in crypto to build
+@@ -214,10 +215,10 @@
+
+ MAKEFILE= Makefile
+
+-MANDIR=$(OPENSSLDIR)/man
++MANDIR=/usr/share/man
+ MAN1=1
+ MAN3=3
+-MANSUFFIX=
++MANSUFFIX=ssl
+ SHELL=/bin/sh
+
+ TOP= .
+Index: openssl-0.9.7m/util/selftest.pl
+===================================================================
+--- openssl-0.9.7m.orig/util/selftest.pl 2005-06-20 22:45:44.000000000 +0200
++++ openssl-0.9.7m/util/selftest.pl 2008-04-12 02:37:45.000000000 +0200
+@@ -1,4 +1,4 @@
+-#!/usr/local/bin/perl -w
++#!/usr/local/bin/perl
+ #
+ # Run the test suite and generate a report
+ #
+Index: openssl-0.9.7m/util/extract-names.pl
+===================================================================
+--- openssl-0.9.7m.orig/util/extract-names.pl 2004-03-25 20:52:36.000000000 +0100
++++ openssl-0.9.7m/util/extract-names.pl 2008-04-12 02:37:45.000000000 +0200
+@@ -1,4 +1,4 @@
+-#!/usr/bin/perl
++#!/usr/local/bin/perl
+
+ $/ = ""; # Eat a paragraph at once.
+ while(<STDIN>) {
+Index: openssl-0.9.7m/util/checkhash.pl
+===================================================================
+--- openssl-0.9.7m.orig/util/checkhash.pl 2005-05-26 23:29:03.000000000 +0200
++++ openssl-0.9.7m/util/checkhash.pl 2008-04-12 02:37:45.000000000 +0200
+@@ -1,4 +1,4 @@
+-#!/usr/bin/env perl -w
++#!/usr/local/bin/perl
+
+ my $package = caller;
+
+Index: openssl-0.9.7m/util/clean-depend.pl
+===================================================================
+--- openssl-0.9.7m.orig/util/clean-depend.pl 2001-10-10 10:27:28.000000000 +0200
++++ openssl-0.9.7m/util/clean-depend.pl 2008-04-12 02:37:45.000000000 +0200
+@@ -1,4 +1,4 @@
+-#!/usr/local/bin/perl -w
++#!/usr/local/bin/perl
+ # Clean the dependency list in a makefile of standard includes...
+ # Written by Ben Laurie <ben@algroup.co.uk> 19 Jan 1999
+
+Index: openssl-0.9.7m/util/mkerr.pl
+===================================================================
+--- openssl-0.9.7m.orig/util/mkerr.pl 2006-11-21 20:19:09.000000000 +0100
++++ openssl-0.9.7m/util/mkerr.pl 2008-04-12 02:37:45.000000000 +0200
+@@ -1,4 +1,4 @@
+-#!/usr/local/bin/perl -w
++#!/usr/local/bin/perl
+
+ my $config = "crypto/err/openssl.ec";
+ my $debug = 0;
+Index: openssl-0.9.7m/util/mkdef.pl
+===================================================================
+--- openssl-0.9.7m.orig/util/mkdef.pl 2006-02-05 00:05:40.000000000 +0100
++++ openssl-0.9.7m/util/mkdef.pl 2008-04-12 02:37:45.000000000 +0200
+@@ -1,4 +1,4 @@
+-#!/usr/local/bin/perl -w
++#!/usr/local/bin/perl
+ #
+ # generate a .def file
+ #
+Index: openssl-0.9.7m/util/mkstack.pl
+===================================================================
+--- openssl-0.9.7m.orig/util/mkstack.pl 2004-10-04 18:27:36.000000000 +0200
++++ openssl-0.9.7m/util/mkstack.pl 2008-04-12 02:37:45.000000000 +0200
+@@ -1,4 +1,4 @@
+-#!/usr/local/bin/perl -w
++#!/usr/local/bin/perl
+
+ # This is a utility that searches out "DECLARE_STACK_OF()"
+ # declarations in .h and .c files, and updates/creates/replaces
+Index: openssl-0.9.7m/util/pod2man.pl
+===================================================================
+--- openssl-0.9.7m.orig/util/pod2man.pl 2005-06-18 06:27:11.000000000 +0200
++++ openssl-0.9.7m/util/pod2man.pl 2008-04-12 02:37:45.000000000 +0200
+@@ -1,4 +1,4 @@
+-: #!/usr/bin/perl-5.005
++#!/usr/local/bin/perl
+ eval 'exec /usr/bin/perl -S $0 ${1+"$@"}'
+ if $running_under_some_shell;
+
+Index: openssl-0.9.7m/util/fipslink.pl
+===================================================================
+--- openssl-0.9.7m.orig/util/fipslink.pl 2006-02-06 00:49:06.000000000 +0100
++++ openssl-0.9.7m/util/fipslink.pl 2008-04-12 02:37:45.000000000 +0200
+@@ -1,4 +1,4 @@
+-#!/usr/bin/perl
++#!/usr/local/bin/perl
+
+ sub check_env
+ {
+Index: openssl-0.9.7m/config
+===================================================================
+--- openssl-0.9.7m.orig/config 2007-01-16 14:48:16.000000000 +0100
++++ openssl-0.9.7m/config 2008-04-12 02:37:45.000000000 +0200
+@@ -179,8 +179,8 @@
+ echo "${MACHINE}-whatever-linux1"; exit 0
+ ;;
+
+- GNU*)
+- echo "hurd-x86"; exit 0;
++ GNU:*|GNU/*:*)
++ echo "${MACHINE}-gnuish"; exit 0;
+ ;;
+
+ LynxOS:*)
+Index: openssl-0.9.7m/doc/Makefile
+===================================================================
+--- /dev/null 1970-01-01 00:00:00.000000000 +0000
++++ openssl-0.9.7m/doc/Makefile 2008-04-12 02:37:45.000000000 +0200
+@@ -0,0 +1,40 @@
++VERSION =
++
++#PODS = $(wildcard *.pod)
++#MANS = $(addsuffix .man, $(basename $(PODS)))
++
++MANS = openssl.1 ssl.3 crypto.3
++
++P2M = pod2man --center='OpenSSL Documentation' --release="OpenSSL $(VERSION)"
++
++all: manpages
++
++.PHONY: manpages
++
++manpages: openssl.1 crypto.3 ssl.3
++
++openssl.1:
++ $(P2M) --section=1 openssl.pod > openssl.1
++
++crypto.3:
++ $(P2M) --section=3 crypto.pod > crypto.3
++
++ssl.3:
++ $(P2M) --section=3 ssl.pod > ssl.3
++
++.PHONY: install
++install:
++ mkdir -p $(INSTALL_PREFIX)$(INSTALLTOP)/share/man/man1
++ mkdir -p $(INSTALL_PREFIX)$(INSTALLTOP)/share/man/man3
++ install -m 644 -p openssl.1 $(INSTALL_PREFIX)$(INSTALLTOP)/share/man/man1
++ install -m 644 -p crypto.3 $(INSTALL_PREFIX)$(INSTALLTOP)/share/man/man3
++ install -m 644 -p ssl.3 $(INSTALL_PREFIX)$(INSTALLTOP)/share/man/man3
++ rm -f $(MANS)
++
++.PHONY: clean
++clean:
++ rm -f $(MANS)
++
++.PHONY: realclean
++realclean:
++ -$(MAKE) clean
+Index: openssl-0.9.7m/Makefile
+===================================================================
+--- openssl-0.9.7m.orig/Makefile 2007-02-23 13:52:32.000000000 +0100
++++ openssl-0.9.7m/Makefile 2008-04-12 02:46:16.000000000 +0200
+@@ -11,11 +11,11 @@
+ SHLIB_VERSION_HISTORY=
+ SHLIB_MAJOR=0
+ SHLIB_MINOR=9.7
+-SHLIB_EXT=
+-PLATFORM=dist
+-OPTIONS= no-krb5
+-CONFIGURE_ARGS=dist
+-SHLIB_TARGET=
++SHLIB_EXT=.so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
++PLATFORM=debian-i386
++OPTIONS=--prefix=/usr --openssldir=/usr/lib/ssl no-idea no-mdc2 no-rc5 zlib-dynamic debug no-krb5
++CONFIGURE_ARGS=--prefix=/usr --openssldir=/usr/lib/ssl no-idea no-mdc2 no-rc5 zlib-dynamic debug debian-i386
++SHLIB_TARGET=linux-shared
+
+ # HERE indicates where this Makefile lives. This can be used to indicate
+ # where sub-Makefiles are expected to be. Currently has very limited usage,
+@@ -26,10 +26,10 @@
+ # for, say, /usr/ and yet have everything installed to /tmp/somedir/usr/.
+ # Normally it is left empty.
+ INSTALL_PREFIX=
+-INSTALLTOP=/usr/local/ssl
++INSTALLTOP=/usr
+
+ # Do not edit this manually. Use Configure --openssldir=DIR do change this!
+-OPENSSLDIR=/usr/local/ssl
++OPENSSLDIR=/usr/lib/ssl
+
+ # NO_IDEA - Define to build without the IDEA algorithm
+ # NO_RC4 - Define to build without the RC4 algorithm
+@@ -59,12 +59,12 @@
+ # equal 4.
+ # PKCS1_CHECK - pkcs1 tests.
+
+-CC= cc
++CC= gcc
+ #CFLAG= -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall -Wuninitialized -DSHA1_ASM -DMD5_ASM -DRMD160_ASM
+-CFLAG= -DOPENSSL_NO_KRB5 -O
+-DEPFLAG=
++CFLAG= -DZLIB_SHARED -DZLIB -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -DOPENSSL_NO_KRB5 -DOPENSSL_NO_IDEA -DOPENSSL_NO_MDC2 -DOPENSSL_NO_RC5 -DL_ENDIAN -DTERMIO -O3 -Wall -g
++DEPFLAG= -DOPENSSL_NO_IDEA -DOPENSSL_NO_MDC2 -DOPENSSL_NO_RC5
+ PEX_LIBS=
+-EX_LIBS=
++EX_LIBS= -ldl
+ EXE_EXT=
+ ARFLAGS=
+ AR=ar $(ARFLAGS) r
+@@ -72,7 +72,7 @@
+ PERL= /usr/bin/perl
+ TAR= tar
+ TARFLAGS= --no-recursion
+-MAKEDEPPROG=makedepend
++MAKEDEPPROG= gcc
+
+ # We let the C compiler driver to take care of .s files. This is done in
+ # order to be excused from maintaining a separate set of architecture
+@@ -197,13 +197,13 @@
+ # we might set SHLIB_MARK to '$(SHARED_LIBS)'.
+ SHLIB_MARK=
+
+-DIRS= crypto fips-1.0 ssl $(SHLIB_MARK) apps test tools
++DIRS= crypto fips-1.0 ssl $(SHLIB_MARK) apps doc tools
+ SHLIBDIRS= crypto ssl
+
+ # dirs in crypto to build
+ SDIRS= objects \
+- md2 md4 md5 sha mdc2 hmac ripemd \
+- des rc2 rc4 rc5 idea bf cast \
++ md2 md4 md5 sha hmac ripemd \
++ des rc2 rc4 bf cast \
+ bn ec rsa dsa dh dso engine aes \
+ buffer bio stack lhash rand err \
+ evp asn1 pem x509 x509v3 conf txt_db pkcs7 pkcs12 comp ocsp ui krb5
+@@ -216,10 +216,10 @@
+
+ MAKEFILE= Makefile
+
+-MANDIR=$(OPENSSLDIR)/man
++MANDIR=/usr/share/man
+ MAN1=1
+ MAN3=3
+-MANSUFFIX=
++MANSUFFIX=ssl
+ SHELL=/bin/sh
+
+ TOP= .
+@@ -230,7 +230,7 @@
+ SHARED_CRYPTO=libcrypto$(SHLIB_EXT)
+ SHARED_SSL=libssl$(SHLIB_EXT)
+ SHARED_LIBS=
+-SHARED_LIBS_LINK_EXTS=
++SHARED_LIBS_LINK_EXTS=.so.$(SHLIB_MAJOR) .so
+ SHARED_LDFLAGS=
+
+ GENERAL= Makefile
+Index: openssl-0.9.7m/VMS/VMSify-conf.pl
+===================================================================
+--- openssl-0.9.7m.orig/VMS/VMSify-conf.pl 2004-05-13 23:38:23.000000000 +0200
++++ openssl-0.9.7m/VMS/VMSify-conf.pl 2008-04-12 02:37:45.000000000 +0200
+@@ -1,4 +1,4 @@
+-#! /usr/bin/perl
++#!/usr/local/bin/perl
+
+ use strict;
+ use warnings;
+Index: openssl-0.9.7m/ssl/ssl_lib.c
+===================================================================
+--- openssl-0.9.7m.orig/ssl/ssl_lib.c 2006-09-28 13:53:51.000000000 +0200
++++ openssl-0.9.7m/ssl/ssl_lib.c 2008-04-12 02:48:25.000000000 +0200
+@@ -1169,7 +1169,6 @@
+ char *SSL_get_shared_ciphers(const SSL *s,char *buf,int len)
+ {
+ char *p;
+- const char *cp;
+ STACK_OF(SSL_CIPHER) *sk;
+ SSL_CIPHER *c;
+ int i;
+@@ -1182,20 +1181,21 @@
+ sk=s->session->ciphers;
+ for (i=0; i<sk_SSL_CIPHER_num(sk); i++)
+ {
+- /* Decrement for either the ':' or a '\0' */
+- len--;
++ int n;
++
+ c=sk_SSL_CIPHER_value(sk,i);
+- for (cp=c->name; *cp; )
++ n=strlen(c->name);
++ if (n+1 > len)
+ {
+- if (len-- <= 0)
+- {
+- *p='\0';
+- return(buf);
+- }
+- else
+- *(p++)= *(cp++);
++ if (p != buf)
++ --p;
++ *p='\0';
++ return buf;
+ }
++ strcpy(p,c->name);
++ p+=n;
+ *(p++)=':';
++ len-=n+1;
+ }
+ p[-1]='\0';
+ return(buf);
+Index: openssl-0.9.7m/ssl/ssl_algs.c
+===================================================================
+--- openssl-0.9.7m.orig/ssl/ssl_algs.c 2001-02-20 09:11:58.000000000 +0100
++++ openssl-0.9.7m/ssl/ssl_algs.c 2008-04-12 02:37:45.000000000 +0200
+@@ -109,3 +109,8 @@
+ return(1);
+ }
+
++#undef SSLeay_add_ssl_algorithms
++int SSLeay_add_ssl_algorithms(void)
++ {
++ return SSL_library_init();
++ }
+Index: openssl-0.9.7m/demos/tunala/configure.in
+===================================================================
+--- openssl-0.9.7m.orig/demos/tunala/configure.in 2002-01-08 03:58:54.000000000 +0100
++++ openssl-0.9.7m/demos/tunala/configure.in 2008-04-12 02:37:45.000000000 +0200
+@@ -1,4 +1,4 @@
+-dnl Process this file with autoconf to produce a configure script.
++#!/usr/local/bin/perl
+ AC_INIT(tunala.c)
+ AM_CONFIG_HEADER(config.h)
+ AM_INIT_AUTOMAKE(tunala, 0.0.1-dev)
+Index: openssl-0.9.7m/apps/CA.pl
+===================================================================
+--- openssl-0.9.7m.orig/apps/CA.pl 2007-02-23 13:52:38.000000000 +0100
++++ openssl-0.9.7m/apps/CA.pl 2008-04-12 02:37:45.000000000 +0200
+@@ -63,6 +63,7 @@
+ foreach (@ARGV) {
+ if ( /^(-\?|-h|-help)$/ ) {
+ print STDERR "usage: CA -newcert|-newreq|-newreq-nodes|-newca|-sign|-verify\n";
++ print STDERR "usage: CA -signcert certfile keyfile|-newcert|-newreq|-newca|-sign|-verify\n";
+ exit 0;
+ } elsif (/^-newcert$/) {
+ # create a certificate
+@@ -159,6 +160,7 @@
+ } else {
+ print STDERR "Unknown arg $_\n";
+ print STDERR "usage: CA -newcert|-newreq|-newreq-nodes|-newca|-sign|-verify\n";
++ print STDERR "usage: CA -signcert certfile keyfile|-newcert|-newreq|-newca|-sign|-verify\n";
+ exit 1;
+ }
+ }
+Index: openssl-0.9.7m/apps/CA.pl.in
+===================================================================
+--- openssl-0.9.7m.orig/apps/CA.pl.in 2005-07-04 23:44:19.000000000 +0200
++++ openssl-0.9.7m/apps/CA.pl.in 2008-04-12 02:37:45.000000000 +0200
+@@ -63,6 +63,7 @@
+ foreach (@ARGV) {
+ if ( /^(-\?|-h|-help)$/ ) {
+ print STDERR "usage: CA -newcert|-newreq|-newreq-nodes|-newca|-sign|-verify\n";
++ print STDERR "usage: CA -signcert certfile keyfile|-newcert|-newreq|-newca|-sign|-verify\n";
+ exit 0;
+ } elsif (/^-newcert$/) {
+ # create a certificate
+@@ -159,6 +160,7 @@
+ } else {
+ print STDERR "Unknown arg $_\n";
+ print STDERR "usage: CA -newcert|-newreq|-newreq-nodes|-newca|-sign|-verify\n";
++ print STDERR "usage: CA -signcert certfile keyfile|-newcert|-newreq|-newca|-sign|-verify\n";
+ exit 1;
+ }
+ }
+Index: openssl-0.9.7m/apps/progs.h
+===================================================================
+--- openssl-0.9.7m.orig/apps/progs.h 2004-06-19 15:54:59.000000000 +0200
++++ openssl-0.9.7m/apps/progs.h 2008-04-12 02:37:45.000000000 +0200
+@@ -35,11 +35,9 @@
+ extern int spkac_main(int argc,char *argv[]);
+ extern int smime_main(int argc,char *argv[]);
+ extern int rand_main(int argc,char *argv[]);
+-extern int prime_main(int argc,char *argv[]);
+-#ifndef OPENSSL_NO_ENGINE
+ extern int engine_main(int argc,char *argv[]);
+-#endif
+ extern int ocsp_main(int argc,char *argv[]);
++extern int prime_main(int argc,char *argv[]);
+
+ #define FUNC_TYPE_GENERAL 1
+ #define FUNC_TYPE_MD 2
+@@ -95,9 +93,7 @@
+ #if !defined(OPENSSL_NO_SOCK) && !(defined(OPENSSL_NO_SSL2) && defined(OPENSSL_NO_SSL3))
+ {FUNC_TYPE_GENERAL,"s_client",s_client_main},
+ #endif
+-#ifndef OPENSSL_NO_SPEED
+ {FUNC_TYPE_GENERAL,"speed",speed_main},
+-#endif
+ #if !defined(OPENSSL_NO_SOCK) && !(defined(OPENSSL_NO_SSL2) && defined(OPENSSL_NO_SSL3))
+ {FUNC_TYPE_GENERAL,"s_time",s_time_main},
+ #endif
+@@ -116,11 +112,9 @@
+ {FUNC_TYPE_GENERAL,"spkac",spkac_main},
+ {FUNC_TYPE_GENERAL,"smime",smime_main},
+ {FUNC_TYPE_GENERAL,"rand",rand_main},
+- {FUNC_TYPE_GENERAL,"prime",prime_main},
+-#ifndef OPENSSL_NO_ENGINE
+ {FUNC_TYPE_GENERAL,"engine",engine_main},
+-#endif
+ {FUNC_TYPE_GENERAL,"ocsp",ocsp_main},
++ {FUNC_TYPE_GENERAL,"prime",prime_main},
+ #ifndef OPENSSL_NO_MD2
+ {FUNC_TYPE_MD,"md2",dgst_main},
+ #endif
diff --git a/recipes/openssl/openssl-0.9.7m/gnueabi-arm.patch b/recipes/openssl/openssl-0.9.7m/gnueabi-arm.patch
new file mode 100644
index 0000000000..be0adbdea7
--- /dev/null
+++ b/recipes/openssl/openssl-0.9.7m/gnueabi-arm.patch
@@ -0,0 +1,15 @@
+
+#
+# Patch managed by http://www.mn-logistik.de/unsupported/pxa250/patcher
+#
+
+--- openssl-0.9.7e/Configure~gnueabi-arm 2006-03-19 21:04:31.000000000 +0100
++++ openssl-0.9.7e/Configure 2006-03-19 21:07:22.000000000 +0100
+@@ -462,6 +462,7 @@
+ # Linux on ARM
+ "linux-elf-arm","gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+ "linux-elf-armeb","gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"linux-gnueabi-arm","gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+
+ # SCO/Caldera targets.
+ #
diff --git a/recipes/openssl/openssl-0.9.7m/gnueabi-armeb.patch b/recipes/openssl/openssl-0.9.7m/gnueabi-armeb.patch
new file mode 100644
index 0000000000..38f725b789
--- /dev/null
+++ b/recipes/openssl/openssl-0.9.7m/gnueabi-armeb.patch
@@ -0,0 +1,10 @@
+--- openssl-0.9.7g/Configure~ 2007-07-07 21:08:27.000000000 +0930
++++ openssl-0.9.7g/Configure 2007-07-07 21:13:41.000000000 +0930
+@@ -477,6 +477,7 @@
+ "linux-elf-arm","gcc:-DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+ "linux-elf-armeb","gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+ "linux-gnueabi-arm","gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"linux-gnueabi-armeb","gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+
+ # SCO/Caldera targets.
+ #
diff --git a/recipes/openssl/openssl-0.9.7m/uclibcgnueabi.patch b/recipes/openssl/openssl-0.9.7m/uclibcgnueabi.patch
new file mode 100644
index 0000000000..d89bfdeec9
--- /dev/null
+++ b/recipes/openssl/openssl-0.9.7m/uclibcgnueabi.patch
@@ -0,0 +1,12 @@
+--- /tmp/Configure.patched 2007-08-27 18:34:23.412489103 +0200
++++ openssl-0.9.7g/Configure 2007-08-27 18:35:05.134866725 +0200
+@@ -478,6 +478,9 @@
+ "linux-elf-armeb","gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+ "linux-gnueabi-arm","gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+ "linux-gnueabi-armeb","gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"linux-uclibcgnueabi-arm","gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"linux-uclibcgnueabi-armeb","gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++
+
+ # SCO/Caldera targets.
+ #
diff --git a/recipes/openssl/openssl-0.9.8g/configure-targets.patch b/recipes/openssl/openssl-0.9.8g/configure-targets.patch
new file mode 100644
index 0000000000..b68123a233
--- /dev/null
+++ b/recipes/openssl/openssl-0.9.8g/configure-targets.patch
@@ -0,0 +1,24 @@
+
+The number of colons are important :)
+
+Index: openssl-0.9.8g/Configure
+===================================================================
+--- openssl-0.9.8g.orig/Configure 2008-04-12 04:27:22.000000000 +0200
++++ openssl-0.9.8g/Configure 2008-04-12 04:38:56.000000000 +0200
+@@ -395,6 +395,16 @@
+ "linux-alpha-ccc","ccc:-fast -readonly_strings -DL_ENDIAN -DTERMIO::-D_REENTRANT:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL:${no_asm}",
+ "linux-alpha+bwx-ccc","ccc:-fast -readonly_strings -DL_ENDIAN -DTERMIO::-D_REENTRANT:::SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL:${no_asm}",
+
++ # Linux on ARM
++"linux-elf-arm","$ENV{'CC'}:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1::::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"linux-elf-armeb","$ENV{'CC'}:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1::::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"linux-gnueabi-arm","$ENV{'CC'}:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1::::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"linux-gnueabi-armeb","$ENV{'CC'}:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1::::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"linux-uclibcgnueabi-arm","$ENV{'CC'}:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1::::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"linux-uclibcgnueabi-armeb","$ENV{'CC'}:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1::::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++
++"linux-avr32","$ENV{'CC'}:-DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1::::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).",
++
+ #### *BSD [do see comment about ${BSDthreads} above!]
+ "BSD-generic32","gcc:-DTERMIOS -O3 -fomit-frame-pointer -Wall::${BSDthreads}:::BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL:${no_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+ "BSD-x86", "gcc:-DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -Wall::${BSDthreads}:::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_out_asm}:dlfcn:bsd-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
diff --git a/recipes/openssl/openssl-0.9.8g/debian.patch b/recipes/openssl/openssl-0.9.8g/debian.patch
new file mode 100644
index 0000000000..b7d571a7fd
--- /dev/null
+++ b/recipes/openssl/openssl-0.9.8g/debian.patch
@@ -0,0 +1,1280 @@
+--- openssl-0.9.8g.orig/Makefile
++++ openssl-0.9.8g/Makefile
+@@ -11,11 +11,11 @@
+ SHLIB_VERSION_HISTORY=
+ SHLIB_MAJOR=0
+ SHLIB_MINOR=9.8
+-SHLIB_EXT=
+-PLATFORM=dist
+-OPTIONS= no-camellia no-gmp no-krb5 no-mdc2 no-rc5 no-rfc3779 no-seed no-shared no-tlsext no-zlib no-zlib-dynamic
+-CONFIGURE_ARGS=dist
+-SHLIB_TARGET=
++SHLIB_EXT=.so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
++PLATFORM=debian-amd64
++OPTIONS=--prefix=/usr --openssldir=/usr/lib/ssl enable-zlib enable-tlsext no-camellia no-gmp no-idea no-krb5 no-mdc2 no-rc5 no-rfc3779 no-seed no-shared no-zlib-dynamic
++CONFIGURE_ARGS=--prefix=/usr --openssldir=/usr/lib/ssl no-idea no-mdc2 no-rc5 zlib enable-tlsext debian-amd64
++SHLIB_TARGET=linux-shared
+
+ # HERE indicates where this Makefile lives. This can be used to indicate
+ # where sub-Makefiles are expected to be. Currently has very limited usage,
+@@ -26,10 +26,10 @@
+ # for, say, /usr/ and yet have everything installed to /tmp/somedir/usr/.
+ # Normally it is left empty.
+ INSTALL_PREFIX=
+-INSTALLTOP=/usr/local/ssl
++INSTALLTOP=/usr
+
+ # Do not edit this manually. Use Configure --openssldir=DIR do change this!
+-OPENSSLDIR=/usr/local/ssl
++OPENSSLDIR=/usr/lib/ssl
+
+ # NO_IDEA - Define to build without the IDEA algorithm
+ # NO_RC4 - Define to build without the RC4 algorithm
+@@ -59,11 +59,11 @@
+ # equal 4.
+ # PKCS1_CHECK - pkcs1 tests.
+
+-CC= cc
+-CFLAG= -O
+-DEPFLAG= -DOPENSSL_NO_CAMELLIA -DOPENSSL_NO_GMP -DOPENSSL_NO_MDC2 -DOPENSSL_NO_RC5 -DOPENSSL_NO_RFC3779 -DOPENSSL_NO_SEED -DOPENSSL_NO_TLSEXT
++CC= gcc
++CFLAG= -DZLIB -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -m64 -DL_ENDIAN -DTERMIO -O3 -Wa,--noexecstack -g -Wall -DMD32_REG_T=int -DMD5_ASM
++DEPFLAG= -DOPENSSL_NO_CAMELLIA -DOPENSSL_NO_GMP -DOPENSSL_NO_IDEA -DOPENSSL_NO_MDC2 -DOPENSSL_NO_RC5 -DOPENSSL_NO_RFC3779 -DOPENSSL_NO_SEED
+ PEX_LIBS=
+-EX_LIBS=
++EX_LIBS= -ldl -lz
+ EXE_EXT=
+ ARFLAGS=
+ AR=ar $(ARFLAGS) r
+@@ -71,7 +71,7 @@
+ PERL= /usr/bin/perl
+ TAR= tar
+ TARFLAGS= --no-recursion
+-MAKEDEPPROG=makedepend
++MAKEDEPPROG= gcc
+
+ # We let the C compiler driver to take care of .s files. This is done in
+ # order to be excused from maintaining a separate set of architecture
+@@ -86,15 +86,15 @@
+ PROCESSOR=
+
+ # CPUID module collects small commonly used assembler snippets
+-CPUID_OBJ=
+-BN_ASM= bn_asm.o
++CPUID_OBJ= x86_64cpuid.o
++BN_ASM= x86_64-gcc.o
+ DES_ENC= des_enc.o fcrypt_b.o
+ AES_ASM_OBJ= aes_core.o aes_cbc.o
+ BF_ENC= bf_enc.o
+ CAST_ENC= c_enc.o
+ RC4_ENC= rc4_enc.o
+ RC5_ENC= rc5_enc.o
+-MD5_ASM_OBJ=
++MD5_ASM_OBJ= md5-x86_64.o
+ SHA1_ASM_OBJ=
+ RMD160_ASM_OBJ=
+
+@@ -106,14 +106,14 @@
+ ZLIB_INCLUDE=
+ LIBZLIB=
+
+-DIRS= crypto ssl engines apps test tools
++DIRS= crypto ssl engines apps tools
+ SHLIBDIRS= crypto ssl
+
+ # dirs in crypto to build
+ SDIRS= \
+ objects \
+ md2 md4 md5 sha hmac ripemd \
+- des aes rc2 rc4 idea bf cast \
++ des aes rc2 rc4 bf cast \
+ bn ec rsa dsa ecdsa dh ecdh dso engine \
+ buffer bio stack lhash rand err \
+ evp asn1 pem x509 x509v3 conf txt_db pkcs7 pkcs12 comp ocsp ui krb5 \
+@@ -127,10 +127,11 @@
+
+ MAKEFILE= Makefile
+
+-MANDIR=$(OPENSSLDIR)/man
++MANDIR=/usr/share/man
+ MAN1=1
+ MAN3=3
+-MANSUFFIX=
++MANSUFFIX=ssl
++MANSECTION=SSL
+ SHELL=/bin/sh
+
+ TOP= .
+@@ -141,8 +142,8 @@
+ SHARED_CRYPTO=libcrypto$(SHLIB_EXT)
+ SHARED_SSL=libssl$(SHLIB_EXT)
+ SHARED_LIBS=
+-SHARED_LIBS_LINK_EXTS=
+-SHARED_LDFLAGS=
++SHARED_LIBS_LINK_EXTS=.so
++SHARED_LDFLAGS=-m64 -Wl,--version-script=openssl.ld
+
+ GENERAL= Makefile
+ BASENAME= openssl
+@@ -310,7 +311,8 @@
+ echo 'Description: OpenSSL cryptography library'; \
+ echo 'Version: '$(VERSION); \
+ echo 'Requires: '; \
+- echo 'Libs: -L$${libdir} -lcrypto $(EX_LIBS)'; \
++ echo 'Libs: -L$${libdir} -lcrypto'; \
++ echo 'Libs.private: $(EX_LIBS)'; \
+ echo 'Cflags: -I$${includedir} $(KRB5_INCLUDES)' ) > libcrypto.pc
+
+ libssl.pc: Makefile
+@@ -323,7 +325,8 @@
+ echo 'Description: Secure Sockets Layer and cryptography libraries'; \
+ echo 'Version: '$(VERSION); \
+ echo 'Requires: '; \
+- echo 'Libs: -L$${libdir} -lssl -lcrypto $(EX_LIBS)'; \
++ echo 'Libs: -L$${libdir} -lssl'; \
++ echo 'Libs.private: -lcrypto $(EX_LIBS)'; \
+ echo 'Cflags: -I$${includedir} $(KRB5_INCLUDES)' ) > libssl.pc
+
+ openssl.pc: Makefile
+@@ -336,7 +339,8 @@
+ echo 'Description: Secure Sockets Layer and cryptography libraries and tools'; \
+ echo 'Version: '$(VERSION); \
+ echo 'Requires: '; \
+- echo 'Libs: -L$${libdir} -lssl -lcrypto $(EX_LIBS)'; \
++ echo 'Libs: -L$${libdir} -lssl -lcrypto'; \
++ echo 'Libs.private: $(EX_LIBS)'; \
+ echo 'Cflags: -I$${includedir} $(KRB5_INCLUDES)' ) > openssl.pc
+
+ Makefile: Makefile.org Configure config
+@@ -480,7 +484,7 @@
+ install_sw:
+ @$(PERL) $(TOP)/util/mkdir-p.pl $(INSTALL_PREFIX)$(INSTALLTOP)/bin \
+ $(INSTALL_PREFIX)$(INSTALLTOP)/lib \
+- $(INSTALL_PREFIX)$(INSTALLTOP)/lib/engines \
++ $(INSTALL_PREFIX)$(INSTALLTOP)/lib/ssl/engines \
+ $(INSTALL_PREFIX)$(INSTALLTOP)/lib/pkgconfig \
+ $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl \
+ $(INSTALL_PREFIX)$(OPENSSLDIR)/misc \
+@@ -558,7 +562,7 @@
+ echo "installing man$$sec/$$fn.$${sec}$(MANSUFFIX)"; \
+ (cd `$(PERL) util/dirname.pl $$i`; \
+ sh -c "$$pod2man \
+- --section=$$sec --center=OpenSSL \
++ --section=$${sec}$(MANSECTION) --center=OpenSSL \
+ --release=$(VERSION) `basename $$i`") \
+ > $(INSTALL_PREFIX)$(MANDIR)/man$$sec/$$fn.$${sec}$(MANSUFFIX); \
+ $(PERL) util/extract-names.pl < $$i | \
+@@ -575,7 +579,7 @@
+ echo "installing man$$sec/$$fn.$${sec}$(MANSUFFIX)"; \
+ (cd `$(PERL) util/dirname.pl $$i`; \
+ sh -c "$$pod2man \
+- --section=$$sec --center=OpenSSL \
++ --section=$${sec}$(MANSECTION) --center=OpenSSL \
+ --release=$(VERSION) `basename $$i`") \
+ > $(INSTALL_PREFIX)$(MANDIR)/man$$sec/$$fn.$${sec}$(MANSUFFIX); \
+ $(PERL) util/extract-names.pl < $$i | \
+--- openssl-0.9.8g.orig/Configure
++++ openssl-0.9.8g/Configure
+@@ -1,4 +1,4 @@
+-:
++#!/usr/local/bin/perl
+ eval 'exec perl -S $0 ${1+"$@"}'
+ if $running_under_some_shell;
+ ##
+@@ -118,7 +118,8 @@
+ my $x86_coff_asm="x86cpuid-cof.o:bn86-cof.o co86-cof.o:dx86-cof.o yx86-cof.o:ax86-cof.o:bx86-cof.o:mx86-cof.o:sx86-cof.o s512sse2-cof.o:cx86-cof.o:rx86-cof.o:rm86-cof.o:r586-cof.o";
+ my $x86_out_asm="x86cpuid-out.o:bn86-out.o co86-out.o:dx86-out.o yx86-out.o:ax86-out.o:bx86-out.o:mx86-out.o:sx86-out.o s512sse2-out.o:cx86-out.o:rx86-out.o:rm86-out.o:r586-out.o";
+
+-my $x86_64_asm="x86_64cpuid.o:x86_64-gcc.o::::md5-x86_64.o:::rc4-x86_64.o::";
++#my $x86_64_asm="x86_64cpuid.o:x86_64-gcc.o::::md5-x86_64.o:::rc4-x86_64.o::";
++my $x86_64_asm="x86_64cpuid.o:x86_64-gcc.o::::md5-x86_64.o:::::";
+ my $ia64_asm=":bn-ia64.o::aes_core.o aes_cbc.o aes-ia64.o:::sha1-ia64.o sha256-ia64.o sha512-ia64.o::rc4-ia64.o::";
+
+ my $no_asm="::::::::::";
+@@ -308,6 +309,47 @@
+ "osf1-alpha-cc", "cc:-std1 -tune host -O4 -readonly_strings::(unknown):::SIXTY_FOUR_BIT_LONG RC4_CHUNK:${no_asm}:dlfcn:alpha-osf1-shared:::.so",
+ "tru64-alpha-cc", "cc:-std1 -tune host -fast -readonly_strings::-pthread:::SIXTY_FOUR_BIT_LONG RC4_CHUNK:${no_asm}:dlfcn:alpha-osf1-shared::-msym:.so",
+
++# Debian GNU/* (various architectures)
++"debian-alpha","gcc:-DTERMIO -O3 -Wa,--noexecstack -g -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_UNROLL:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-alpha-ev4","gcc:-DTERMIO -O3 -Wa,--noexecstack -mcpu=ev4 -g -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_UNROLL:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-alpha-ev5","gcc:-DTERMIO -O3 -Wa,--noexecstack -mcpu=ev5 -g -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_UNROLL:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-arm","gcc:-DL_ENDIAN -DTERMIO -O2 -Wa,--noexecstack -g -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1::::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-armeb","gcc:-DB_ENDIAN -DTERMIO -O2 -Wa,--noexecstack -g -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1::::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-armel","gcc:-DL_ENDIAN -DTERMIO -O2 -Wa,--noexecstack -g -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1::::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++#"debian-amd64","gcc:-DL_ENDIAN -DTERMIO -O3 -Wa,--noexecstack -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-amd64", "gcc:-m64 -DL_ENDIAN -DTERMIO -O3 -Wa,--noexecstack -g -Wall -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK RC4_CHAR BF_PTR2 DES_INT DES_UNROLL:${x86_64_asm}:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-kfreebsd-amd64","gcc:-m64 -DL_ENDIAN -DTERMIOS -O3 -Wa,--noexecstack -Wall -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK BF_PTR2 DES_INT DES_UNROLL:${x86_64_asm}:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++#"debian-freebsd-alpha","gcc:-DTERMIOS -O -Wa,--noexecstack -fomit-frame-pointer::(unknown):::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_PTR DES_RISC2::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-kfreebsd-i386","gcc:-DL_ENDIAN -DTERMIOS -O3 -Wa,--noexecstack -g -m486 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-hppa","gcc:-DB_ENDIAN -DTERMIO -O2 -Wa,--noexecstack -g -Wall::-D_REENTRANT::-ldl:BN_LLONG MD2_CHAR RC4_INDEX::::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-hurd-i386","gcc:-DL_ENDIAN -DTERMIOS -O3 -Wa,--noexecstack -g -m486 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-ia64","gcc:-DTERMIO -O3 -Wa,--noexecstack -g -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK RC4_CHAR:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++#"debian-i386","gcc:-DL_ENDIAN -DTERMIO -O3 -Wa,--noexecstack -fomit-frame-pointer -m486 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::dlfcn:linux-shared:-fPIC",
++"debian-i386","gcc:-DL_ENDIAN -DTERMIO -O3 -Wa,--noexecstack -g -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-i386-i486","gcc:-DL_ENDIAN -DTERMIO -O3 -march=i486 -Wa,--noexecstack -g -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-i386-i586","gcc:-DL_ENDIAN -DTERMIO -O3 -march=i586 -Wa,--noexecstack -g -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-i386-i686/cmov","gcc:-DL_ENDIAN -DTERMIO -O3 -march=i686 -Wa,--noexecstack -g -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-m68k","gcc:-DB_ENDIAN -DTERMIO -O2 -Wa,--noexecstack -g -Wall::-D_REENTRANT::-ldl:BN_LLONG MD2_CHAR RC4_INDEX::::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-mips", "gcc:-DB_ENDIAN -DTERMIO -O3 -Wa,--noexecstack -g -Wall::-D_REENTRANT::-ldl:BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL DES_RISC2::::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-mipsel", "gcc:-DL_ENDIAN -DTERMIO -O3 -Wa,--noexecstack -g -Wall::-D_REENTRANT::-ldl:BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL DES_RISC2::::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-netbsd-i386", "gcc:-DL_ENDIAN -DTERMIOS -O3 -Wa,--noexecstack -g -m486 -Wall::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-netbsd-m68k", "gcc:-DB_ENDIAN -DTERMIOS -O3 -Wa,--noexecstack -g -Wall::(unknown):::BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL::::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-netbsd-sparc", "gcc:-DB_ENDIAN -DTERMIOS -O3 -Wa,--noexecstack -g -mv8 -Wall::(unknown):::BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL::::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-openbsd-alpha","gcc:-DTERMIOS -O3 -Wa,--noexecstack -g::(unknown):::SIXTY_FOUR_BIT_LONG DES_INT DES_PTR DES_RISC2::::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-openbsd-i386", "gcc:-DL_ENDIAN -DTERMIOS -O3 -Wa,--noexecstack -g -m486::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_out_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-openbsd-mips","gcc:-O2 -Wa,--noexecstack -g -DL_ENDIAN::(unknown)::BN_LLONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC2 DES_PTR BF_PTR:::::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-powerpc","gcc:-DB_ENDIAN -DTERMIO -O3 -Wa,--noexecstack -g -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_UNROLL DES_RISC2 DES_PTR MD2_CHAR RC4_INDEX::linux_ppc32.o::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-ppc64","gcc:-m64 -DB_ENDIAN -DTERMIO -O3 -Wa,--noexecstack -g -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL::linux_ppc64.o::::::::::dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-s390","gcc:-DB_ENDIAN -DTERMIO -O3 -Wa,--noexecstack -g -Wall::-D_REENTRANT::-ldl:BN_LLONG::::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-sh3", "gcc:-DL_ENDIAN -DTERMIO -O3 -Wa,--noexecstack -g -Wall::-D_REENTRANT::-ldl:BN_LLONG::::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-sh4", "gcc:-DL_ENDIAN -DTERMIO -O3 -Wa,--noexecstack -g -Wall::-D_REENTRANT::-ldl:BN_LLONG::::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-sh3eb", "gcc:-DB_ENDIAN -DTERMIO -O3 -Wa,--noexecstack -g -Wall::-D_REENTRANT::-ldl:BN_LLONG::::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-sh4eb", "gcc:-DB_ENDIAN -DTERMIO -O3 -Wa,--noexecstack -g -Wall::-D_REENTRANT::-ldl:BN_LLONG::::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-m32r","gcc:-DB_ENDIAN -DTERMIO -O3 -Wa,--noexecstack -g -Wall::-D_REENTRANT::-ldl:BN_LLONG::::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-sparc","gcc:-DB_ENDIAN -DTERMIO -O3 -Wa,--noexecstack -g -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-sparc-v8","gcc:-DB_ENDIAN -DTERMIO -O3 -Wa,--noexecstack -mcpu=v8 -g -Wall -DBN_DIV2W::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::sparcv8.o:des_enc-sparc.o fcrypt_b.o:::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-sparc-v9","gcc:-DB_ENDIAN -DTERMIO -O3 -mcpu=v9 -Wa,--noexecstack -Wa,-Av8plus -g -Wall -DULTRASPARC -DBN_DIV2W::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::sparcv8plus.o:des_enc-sparc.o fcrypt_b.o:::md5-sparcv8plus.o::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++
+ ####
+ #### Variety of LINUX:-)
+ ####
+@@ -476,7 +518,7 @@
+ # Cygwin
+ "Cygwin-pre1.3", "gcc:-DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall::(unknown):CYGWIN32::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${no_asm}:win32",
+ "Cygwin", "gcc:-DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -march=i486 -Wall:::CYGWIN32::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_coff_asm}:dlfcn:cygwin-shared:-D_WINDLL:-shared:.dll.a",
+-"debug-Cygwin", "gcc:-DTERMIOS -DL_ENDIAN -march=i486 -Wall -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -DOPENSSL_NO_ASM -g -Wformat -Wshadow -Wmissing-prototypes -Wmissing-declarations -Werror:::CYGWIN32:::${no_asm}:dlfcn:cygwin-shared:-D_WINDLL:-shared:.dll.a",
++-"debug-Cygwin", "gcc:-DTERMIOS -DL_ENDIAN -march=i486 -Wall -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -DOPENSSL_NO_ASM -g -Wformat -Wshadow -Wmissing-prototypes -Wmissing-declarations -Werror:::CYGWIN32:::${no_asm}:dlfcn:cygwin-shared:-D_WINDLL:-shared:.dll.a",
+
+ # NetWare from David Ward (dsward@novell.com) - requires MetroWerks NLM development tools
+ # netware-clib => legacy CLib c-runtime support
+@@ -1300,6 +1342,8 @@
+ $shlib_minor=$2;
+ }
+
++$shared_ldflag .= " -Wl,--version-script=openssl.ld";
++
+ open(IN,'<Makefile.org') || die "unable to read Makefile.org:$!\n";
+ unlink("$Makefile.new") || die "unable to remove old $Makefile.new:$!\n" if -e "$Makefile.new";
+ open(OUT,">$Makefile.new") || die "unable to create $Makefile.new:$!\n";
+@@ -1371,7 +1415,8 @@
+ elsif ($shared_extension ne "" && $shared_extension =~ /^\.s([ol])\.[^\.]*\.[^\.]*$/)
+ {
+ my $sotmp = $1;
+- s/^SHARED_LIBS_LINK_EXTS=.*/SHARED_LIBS_LINK_EXTS=.s$sotmp.\$(SHLIB_MAJOR) .s$sotmp/;
++# s/^SHARED_LIBS_LINK_EXTS=.*/SHARED_LIBS_LINK_EXTS=.s$sotmp.\$(SHLIB_MAJOR) .s$sotmp/;
++ s/^SHARED_LIBS_LINK_EXTS=.*/SHARED_LIBS_LINK_EXTS=.s$sotmp/;
+ }
+ elsif ($shared_extension ne "" && $shared_extension =~ /^\.[^\.]*\.[^\.]*\.dylib$/)
+ {
+@@ -1490,7 +1535,7 @@
+ if (/^#define\s+OPENSSLDIR/)
+ { print OUT "#define OPENSSLDIR \"$openssldir\"\n"; }
+ elsif (/^#define\s+ENGINESDIR/)
+- { print OUT "#define ENGINESDIR \"$prefix/lib/engines\"\n"; }
++ { print OUT "#define ENGINESDIR \"$prefix/lib/ssl/engines\"\n"; }
+ elsif (/^#((define)|(undef))\s+OPENSSL_EXPORT_VAR_AS_FUNCTION/)
+ { printf OUT "#undef OPENSSL_EXPORT_VAR_AS_FUNCTION\n"
+ if $export_var_as_fn;
+--- openssl-0.9.8g.orig/Makefile.shared
++++ openssl-0.9.8g/Makefile.shared
+@@ -151,9 +151,9 @@
+ SHLIB_SUFFIX=; \
+ ALLSYMSFLAGS='-Wl,--whole-archive'; \
+ NOALLSYMSFLAGS='-Wl,--no-whole-archive'; \
+- SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared -Wl,-Bsymbolic -Wl,-soname=$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX"
++ SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared -Wl,-soname=$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX"
+
+-DO_GNU_APP=LDFLAGS="$(CFLAGS) -Wl,-rpath,$(LIBRPATH)"
++DO_GNU_APP=LDFLAGS="$(CFLAGS)"
+
+ #This is rather special. It's a special target with which one can link
+ #applications without bothering with any features that have anything to
+--- openssl-0.9.8g.orig/config
++++ openssl-0.9.8g/config
+@@ -162,8 +162,8 @@
+ echo "${MACHINE}-whatever-linux1"; exit 0
+ ;;
+
+- GNU*)
+- echo "hurd-x86"; exit 0;
++ GNU:*|GNU/*:*)
++ echo "${MACHINE}-gnuish"; exit 0;
+ ;;
+
+ LynxOS:*)
+--- openssl-0.9.8g.orig/Makefile.org
++++ openssl-0.9.8g/Makefile.org
+@@ -104,7 +104,7 @@
+ ZLIB_INCLUDE=
+ LIBZLIB=
+
+-DIRS= crypto ssl engines apps test tools
++DIRS= crypto ssl engines apps tools
+ SHLIBDIRS= crypto ssl
+
+ # dirs in crypto to build
+@@ -125,10 +125,11 @@
+
+ MAKEFILE= Makefile
+
+-MANDIR=$(OPENSSLDIR)/man
++MANDIR=/usr/share/man
+ MAN1=1
+ MAN3=3
+-MANSUFFIX=
++MANSUFFIX=ssl
++MANSECTION=SSL
+ SHELL=/bin/sh
+
+ TOP= .
+@@ -308,7 +309,8 @@
+ echo 'Description: OpenSSL cryptography library'; \
+ echo 'Version: '$(VERSION); \
+ echo 'Requires: '; \
+- echo 'Libs: -L$${libdir} -lcrypto $(EX_LIBS)'; \
++ echo 'Libs: -L$${libdir} -lcrypto'; \
++ echo 'Libs.private: $(EX_LIBS)'; \
+ echo 'Cflags: -I$${includedir} $(KRB5_INCLUDES)' ) > libcrypto.pc
+
+ libssl.pc: Makefile
+@@ -321,7 +323,8 @@
+ echo 'Description: Secure Sockets Layer and cryptography libraries'; \
+ echo 'Version: '$(VERSION); \
+ echo 'Requires: '; \
+- echo 'Libs: -L$${libdir} -lssl -lcrypto $(EX_LIBS)'; \
++ echo 'Libs: -L$${libdir} -lssl'; \
++ echo 'Libs.private: -lcrypto $(EX_LIBS)'; \
+ echo 'Cflags: -I$${includedir} $(KRB5_INCLUDES)' ) > libssl.pc
+
+ openssl.pc: Makefile
+@@ -334,7 +337,8 @@
+ echo 'Description: Secure Sockets Layer and cryptography libraries and tools'; \
+ echo 'Version: '$(VERSION); \
+ echo 'Requires: '; \
+- echo 'Libs: -L$${libdir} -lssl -lcrypto $(EX_LIBS)'; \
++ echo 'Libs: -L$${libdir} -lssl -lcrypto'; \
++ echo 'Libs.private: $(EX_LIBS)'; \
+ echo 'Cflags: -I$${includedir} $(KRB5_INCLUDES)' ) > openssl.pc
+
+ Makefile: Makefile.org Configure config
+@@ -478,7 +482,7 @@
+ install_sw:
+ @$(PERL) $(TOP)/util/mkdir-p.pl $(INSTALL_PREFIX)$(INSTALLTOP)/bin \
+ $(INSTALL_PREFIX)$(INSTALLTOP)/lib \
+- $(INSTALL_PREFIX)$(INSTALLTOP)/lib/engines \
++ $(INSTALL_PREFIX)$(INSTALLTOP)/lib/ssl/engines \
+ $(INSTALL_PREFIX)$(INSTALLTOP)/lib/pkgconfig \
+ $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl \
+ $(INSTALL_PREFIX)$(OPENSSLDIR)/misc \
+@@ -556,7 +560,7 @@
+ echo "installing man$$sec/$$fn.$${sec}$(MANSUFFIX)"; \
+ (cd `$(PERL) util/dirname.pl $$i`; \
+ sh -c "$$pod2man \
+- --section=$$sec --center=OpenSSL \
++ --section=$${sec}$(MANSECTION) --center=OpenSSL \
+ --release=$(VERSION) `basename $$i`") \
+ > $(INSTALL_PREFIX)$(MANDIR)/man$$sec/$$fn.$${sec}$(MANSUFFIX); \
+ $(PERL) util/extract-names.pl < $$i | \
+@@ -573,7 +577,7 @@
+ echo "installing man$$sec/$$fn.$${sec}$(MANSUFFIX)"; \
+ (cd `$(PERL) util/dirname.pl $$i`; \
+ sh -c "$$pod2man \
+- --section=$$sec --center=OpenSSL \
++ --section=$${sec}$(MANSECTION) --center=OpenSSL \
+ --release=$(VERSION) `basename $$i`") \
+ > $(INSTALL_PREFIX)$(MANDIR)/man$$sec/$$fn.$${sec}$(MANSUFFIX); \
+ $(PERL) util/extract-names.pl < $$i | \
+--- openssl-0.9.8g.orig/openssl.ld
++++ openssl-0.9.8g/openssl.ld
+@@ -0,0 +1,5 @@
++OPENSSL_0.9.8 {
++ global:
++ *;
++};
++
+--- openssl-0.9.8g.orig/VMS/VMSify-conf.pl
++++ openssl-0.9.8g/VMS/VMSify-conf.pl
+@@ -1,4 +1,4 @@
+-#! /usr/bin/perl
++#!/usr/local/bin/perl
+
+ use strict;
+ use warnings;
+--- openssl-0.9.8g.orig/Netware/do_tests.pl
++++ openssl-0.9.8g/Netware/do_tests.pl
+@@ -1,4 +1,4 @@
+-# perl script to run OpenSSL tests
++#!/usr/local/bin/perl
+
+
+ my $base_path = "\\openssl";
+--- openssl-0.9.8g.orig/apps/s_time.c
++++ openssl-0.9.8g/apps/s_time.c
+@@ -117,6 +117,7 @@
+
+ /* The following if from times(3) man page. It may need to be changed
+ */
++#undef HZ
+ #ifndef HZ
+ # ifdef _SC_CLK_TCK
+ # define HZ ((double)sysconf(_SC_CLK_TCK))
+--- openssl-0.9.8g.orig/apps/CA.sh
++++ openssl-0.9.8g/apps/CA.sh
+@@ -91,6 +91,7 @@
+ -out ${CATOP}/$CAREQ
+ $CA -out ${CATOP}/$CACERT $CADAYS -batch \
+ -keyfile ${CATOP}/private/$CAKEY -selfsign \
++ -extensions v3_ca \
+ -infiles ${CATOP}/$CAREQ
+ RET=$?
+ fi
+--- openssl-0.9.8g.orig/apps/CA.pl.in
++++ openssl-0.9.8g/apps/CA.pl.in
+@@ -65,6 +65,7 @@
+ foreach (@ARGV) {
+ if ( /^(-\?|-h|-help)$/ ) {
+ print STDERR "usage: CA -newcert|-newreq|-newreq-nodes|-newca|-sign|-verify\n";
++ print STDERR "usage: CA -signcert certfile keyfile|-newcert|-newreq|-newca|-sign|-verify\n";
+ exit 0;
+ } elsif (/^-newcert$/) {
+ # create a certificate
+@@ -165,6 +166,7 @@
+ } else {
+ print STDERR "Unknown arg $_\n";
+ print STDERR "usage: CA -newcert|-newreq|-newreq-nodes|-newca|-sign|-verify\n";
++ print STDERR "usage: CA -signcert certfile keyfile|-newcert|-newreq|-newca|-sign|-verify\n";
+ exit 1;
+ }
+ }
+--- openssl-0.9.8g.orig/apps/speed.c
++++ openssl-0.9.8g/apps/speed.c
+@@ -577,7 +577,7 @@
+ #define MAX_BLOCK_SIZE 64
+ #endif
+ unsigned char DES_iv[8];
+- unsigned char iv[MAX_BLOCK_SIZE/8];
++ unsigned char iv[2*MAX_BLOCK_SIZE/8];
+ #ifndef OPENSSL_NO_DES
+ DES_cblock *buf_as_des_cblock = NULL;
+ static DES_cblock key ={0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0};
+--- openssl-0.9.8g.orig/apps/CA.pl
++++ openssl-0.9.8g/apps/CA.pl
+@@ -1,4 +1,4 @@
+-#!/usr/bin/perl
++#!/usr/local/bin/perl
+ #
+ # CA - wrapper around ca to make it easier to use ... basically ca requires
+ # some setup stuff to be done before you can use it and this makes
+@@ -65,6 +65,7 @@
+ foreach (@ARGV) {
+ if ( /^(-\?|-h|-help)$/ ) {
+ print STDERR "usage: CA -newcert|-newreq|-newreq-nodes|-newca|-sign|-verify\n";
++ print STDERR "usage: CA -signcert certfile keyfile|-newcert|-newreq|-newca|-sign|-verify\n";
+ exit 0;
+ } elsif (/^-newcert$/) {
+ # create a certificate
+@@ -165,6 +166,7 @@
+ } else {
+ print STDERR "Unknown arg $_\n";
+ print STDERR "usage: CA -newcert|-newreq|-newreq-nodes|-newca|-sign|-verify\n";
++ print STDERR "usage: CA -signcert certfile keyfile|-newcert|-newreq|-newca|-sign|-verify\n";
+ exit 1;
+ }
+ }
+--- openssl-0.9.8g.orig/os2/backwardify.pl
++++ openssl-0.9.8g/os2/backwardify.pl
+@@ -1,4 +1,4 @@
+-#!/usr/bin/perl -w
++#!/usr/local/bin/perl
+ use strict;
+
+ # Use as $0
+--- openssl-0.9.8g.orig/engines/Makefile
++++ openssl-0.9.8g/engines/Makefile
+@@ -97,13 +97,13 @@
+ *DSO_DL*) sfx="sl";; \
+ *) sfx="bad";; \
+ esac; \
+- cp lib$$l.$$sfx $(INSTALL_PREFIX)$(INSTALLTOP)/lib/engines/lib$$l.$$sfx.new; \
++ cp lib$$l.$$sfx $(INSTALL_PREFIX)$(INSTALLTOP)/lib/ssl/engines/lib$$l.$$sfx.new; \
+ else \
+ sfx="so"; \
+ cp cyg$$l.dll $(INSTALL_PREFIX)$(INSTALLTOP)/lib/engines/lib$$l.$$sfx.new; \
+ fi; \
+- chmod 555 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/engines/lib$$l.$$sfx.new; \
+- mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/lib/engines/lib$$l.$$sfx.new $(INSTALL_PREFIX)$(INSTALLTOP)/lib/engines/lib$$l.$$sfx ); \
++ chmod 555 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/ssl/engines/lib$$l.$$sfx.new; \
++ mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/lib/ssl/engines/lib$$l.$$sfx.new $(INSTALL_PREFIX)$(INSTALLTOP)/lib/ssl/engines/lib$$l.$$sfx ); \
+ done; \
+ fi
+
+--- openssl-0.9.8g.orig/engines/openssl.ld
++++ openssl-0.9.8g/engines/openssl.ld
+@@ -0,0 +1,5 @@
++OPENSSL_0.9.8 {
++ global:
++ *;
++};
++
+--- openssl-0.9.8g.orig/tools/c_rehash
++++ openssl-0.9.8g/tools/c_rehash
+@@ -6,7 +6,7 @@
+
+ my $openssl;
+
+-my $dir = "/usr/local/ssl";
++my $dir = "/usr/lib/ssl";
+
+ if(defined $ENV{OPENSSL}) {
+ $openssl = $ENV{OPENSSL};
+@@ -59,12 +59,15 @@
+ }
+ }
+ closedir DIR;
+- FILE: foreach $fname (grep {/\.pem$/} @flist) {
++ FILE: foreach $fname (grep {/\.pem$|\.crt$/} @flist) {
+ # Check to see if certificates and/or CRLs present.
+ my ($cert, $crl) = check_file($fname);
+ if(!$cert && !$crl) {
+- print STDERR "WARNING: $fname does not contain a certificate or CRL: skipping\n";
+- next;
++ ($cert, $crl) = check_file("$openssl x509 -in \"$fname\" -inform der -outform pem | ");
++ if(!$cert && !$crl) {
++ print STDERR "WARNING: $fname does not contain a certificate or CRL: skipping\n";
++ next;
++ }
+ }
+ link_hash_cert($fname) if($cert);
+ link_hash_crl($fname) if($crl);
+@@ -102,6 +105,9 @@
+ my $fname = $_[0];
+ $fname =~ s/'/'\\''/g;
+ my ($hash, $fprint) = `"$openssl" x509 -hash -fingerprint -noout -in '$fname'`;
++ if(!$hash || !fprint) {
++ ($hash, $fprint) = `"$openssl" x509 -hash -fingerprint -noout -in '$fname' -inform der`;
++ }
+ chomp $hash;
+ chomp $fprint;
+ $fprint =~ s/^.*=//;
+--- openssl-0.9.8g.orig/tools/c_rehash.in
++++ openssl-0.9.8g/tools/c_rehash.in
+@@ -59,12 +59,15 @@
+ }
+ }
+ closedir DIR;
+- FILE: foreach $fname (grep {/\.pem$/} @flist) {
++ FILE: foreach $fname (grep {/\.pem$|\.crt$/} @flist) {
+ # Check to see if certificates and/or CRLs present.
+ my ($cert, $crl) = check_file($fname);
+ if(!$cert && !$crl) {
+- print STDERR "WARNING: $fname does not contain a certificate or CRL: skipping\n";
+- next;
++ ($cert, $crl) = check_file("$openssl x509 -in \"$fname\" -inform der -outform pem | ");
++ if(!$cert && !$crl) {
++ print STDERR "WARNING: $fname does not contain a certificate or CRL: skipping\n";
++ next;
++ }
+ }
+ link_hash_cert($fname) if($cert);
+ link_hash_crl($fname) if($crl);
+@@ -102,6 +105,9 @@
+ my $fname = $_[0];
+ $fname =~ s/'/'\\''/g;
+ my ($hash, $fprint) = `"$openssl" x509 -hash -fingerprint -noout -in '$fname'`;
++ if(!$hash || !fprint) {
++ ($hash, $fprint) = `"$openssl" x509 -hash -fingerprint -noout -in '$fname' -inform der`;
++ }
+ chomp $hash;
+ chomp $fprint;
+ $fprint =~ s/^.*=//;
+--- openssl-0.9.8g.orig/ssl/t1_lib.c
++++ openssl-0.9.8g/ssl/t1_lib.c
+@@ -132,6 +132,10 @@
+ int extdatalen=0;
+ unsigned char *ret = p;
+
++ /* don't add extensions for SSLv3 */
++ if (s->client_version == SSL3_VERSION)
++ return p;
++
+ ret+=2;
+
+ if (ret>=limit) return NULL; /* this really never occurs, but ... */
+@@ -202,6 +206,10 @@
+ int extdatalen=0;
+ unsigned char *ret = p;
+
++ /* don't add extensions for SSLv3 */
++ if (s->version == SSL3_VERSION)
++ return p;
++
+ ret+=2;
+ if (ret>=limit) return NULL; /* this really never occurs, but ... */
+
+--- openssl-0.9.8g.orig/ms/uplink.pl
++++ openssl-0.9.8g/ms/uplink.pl
+@@ -1,4 +1,4 @@
+-#!/usr/bin/env perl
++#!/usr/local/bin/perl
+ #
+ # For Microsoft CL this is implemented as inline assembler. So that
+ # even though this script can generate even Win32 code, we'll be
+--- openssl-0.9.8g.orig/demos/tunala/configure.in
++++ openssl-0.9.8g/demos/tunala/configure.in
+@@ -1,4 +1,4 @@
+-dnl Process this file with autoconf to produce a configure script.
++#!/usr/local/bin/perl
+ AC_INIT(tunala.c)
+ AM_CONFIG_HEADER(config.h)
+ AM_INIT_AUTOMAKE(tunala, 0.0.1-dev)
+--- openssl-0.9.8g.orig/doc/Makefile
++++ openssl-0.9.8g/doc/Makefile
+@@ -0,0 +1,40 @@
++VERSION =
++
++#PODS = $(wildcard *.pod)
++#MANS = $(addsuffix .man, $(basename $(PODS)))
++
++MANS = openssl.1 ssl.3 crypto.3
++
++P2M = pod2man --center='OpenSSL Documentation' --release="OpenSSL $(VERSION)"
++
++all: manpages
++
++.PHONY: manpages
++
++manpages: openssl.1 crypto.3 ssl.3
++
++openssl.1:
++ $(P2M) --section=1 openssl.pod > openssl.1
++
++crypto.3:
++ $(P2M) --section=3 crypto.pod > crypto.3
++
++ssl.3:
++ $(P2M) --section=3 ssl.pod > ssl.3
++
++.PHONY: install
++install:
++ mkdir -p $(INSTALL_PREFIX)$(INSTALLTOP)/share/man/man1
++ mkdir -p $(INSTALL_PREFIX)$(INSTALLTOP)/share/man/man3
++ install -m 644 -p openssl.1 $(INSTALL_PREFIX)$(INSTALLTOP)/share/man/man1
++ install -m 644 -p crypto.3 $(INSTALL_PREFIX)$(INSTALLTOP)/share/man/man3
++ install -m 644 -p ssl.3 $(INSTALL_PREFIX)$(INSTALLTOP)/share/man/man3
++ rm -f $(MANS)
++
++.PHONY: clean
++clean:
++ rm -f $(MANS)
++
++.PHONY: realclean
++realclean:
++ -$(MAKE) clean
+--- openssl-0.9.8g.orig/doc/apps/c_rehash.pod
++++ openssl-0.9.8g/doc/apps/c_rehash.pod
+@@ -0,0 +1,55 @@
++
++=pod
++
++=head1 NAME
++
++c_rehash - Create symbolic links to files named by the hash values
++
++=head1 SYNOPSIS
++
++B<c_rehash>
++[directory] ...
++
++=head1 DESCRIPTION
++
++c_rehash scans directories and takes a hash value of each .pem and .crt file in the directory. It then creates symbolic links for each of the files named by the hash value. This is useful as many programs require directories to be set up like this in order to find the certificates they require.
++
++If any directories are named on the command line then these directories are processed in turn. If not then and the environment variable SSL_CERT_DIR is defined then that is consulted. This variable should be a colon (:) separated list of directories, all of which will be processed. If neither of these conditions are true then /usr/lib/ssl/certs is processed.
++
++For each directory that is to be processed he user must have write permissions on the directory, if they do not then nothing will be printed for that directory.
++
++Note that this program deletes all the symbolic links that look like ones that it creates before processing a directory. Beware that if you run the program on a directory that contains symbolic links for other purposes that are named in the same format as those created by this program they will be lost.
++
++The hashes for certificate files are of the form <hash>.<n> where n is an integer. If the hash value already exists then n will be incremented, unless the file is a duplicate. Duplicates are detected using the fingerprint of the certificate. A warning will be printed if a duplicate is detected. The hashes for CRL files are of the form <hash>.r<n> and have the same behavior.
++
++The program will also warn if there are files with extension .pem which are not certificate or CRL files.
++
++The program uses the openssl program to compute the hashes and fingerprints. It expects the executable to be named openssl and be on the PATH, or in the /usr/lib/ssl/bin directory. If the OPENSSL environment variable is defined then this is used instead as the executable that provides the hashes and fingerprints. When called as $OPENSSL x509 -hash -fingerprint -noout -in $file it must output the hash of $file on the first line followed by the fingerprint on the second line, optionally prefixed with some text and an equals sign (=).
++
++=head1 OPTIONS
++
++None
++
++=head1 ENVIRONMENT
++
++=over 4
++
++=item B<OPENSSL>
++
++The name (and path) of an executable to use to generate hashes and fingerprints (see above).
++
++=item B<SSL_CERT_DIR>
++
++Colon separated list of directories to operate on. Ignored if directories are listed on the command line.
++
++=head1 SEE ALSO
++
++L<openssl(1)|openssl(1)>, L<x509(1)|x509(1)>
++
++=back
++
++=head1 BUGS
++
++No known bugs
++
++=cut
+--- openssl-0.9.8g.orig/crypto/Makefile
++++ openssl-0.9.8g/crypto/Makefile
+@@ -57,7 +57,7 @@
+ echo " #define DATE \"`LC_ALL=C LC_TIME=C date`\""; \
+ echo '#endif' ) >buildinf.h
+
+-x86cpuid-elf.s: x86cpuid.pl perlasm/x86asm.pl
++x86cpuid-elf.S: x86cpuid.pl perlasm/x86asm.pl
+ $(PERL) x86cpuid.pl elf $(CFLAGS) $(PROCESSOR) > $@
+ x86cpuid-cof.s: x86cpuid.pl perlasm/x86asm.pl
+ $(PERL) x86cpuid.pl coff $(CFLAGS) $(PROCESSOR) > $@
+@@ -70,7 +70,7 @@
+ uplink-cof.s: ../ms/uplink.pl
+ $(PERL) ../ms/uplink.pl coff > $@
+
+-x86_64cpuid.s: x86_64cpuid.pl
++x86_64cpuid.S: x86_64cpuid.pl
+ $(PERL) x86_64cpuid.pl $@
+ ia64cpuid.s: ia64cpuid.S
+ $(CC) $(CFLAGS) -E ia64cpuid.S > $@
+--- openssl-0.9.8g.orig/crypto/x86cpuid.pl
++++ openssl-0.9.8g/crypto/x86cpuid.pl
+@@ -1,4 +1,4 @@
+-#!/usr/bin/env perl
++#!/usr/local/bin/perl
+
+ push(@INC,"perlasm");
+ require "x86asm.pl";
+--- openssl-0.9.8g.orig/crypto/opensslconf.h
++++ openssl-0.9.8g/crypto/opensslconf.h
+@@ -10,6 +10,9 @@
+ #ifndef OPENSSL_NO_GMP
+ # define OPENSSL_NO_GMP
+ #endif
++#ifndef OPENSSL_NO_IDEA
++# define OPENSSL_NO_IDEA
++#endif
+ #ifndef OPENSSL_NO_KRB5
+ # define OPENSSL_NO_KRB5
+ #endif
+@@ -25,11 +28,11 @@
+ #ifndef OPENSSL_NO_SEED
+ # define OPENSSL_NO_SEED
+ #endif
+-#ifndef OPENSSL_NO_TLSEXT
+-# define OPENSSL_NO_TLSEXT
+-#endif
+
+ #endif /* OPENSSL_DOING_MAKEDEPEND */
++#ifndef OPENSSL_THREADS
++# define OPENSSL_THREADS
++#endif
+ #ifndef OPENSSL_NO_DYNAMIC_ENGINE
+ # define OPENSSL_NO_DYNAMIC_ENGINE
+ #endif
+@@ -45,6 +48,9 @@
+ # if defined(OPENSSL_NO_GMP) && !defined(NO_GMP)
+ # define NO_GMP
+ # endif
++# if defined(OPENSSL_NO_IDEA) && !defined(NO_IDEA)
++# define NO_IDEA
++# endif
+ # if defined(OPENSSL_NO_KRB5) && !defined(NO_KRB5)
+ # define NO_KRB5
+ # endif
+@@ -60,11 +66,10 @@
+ # if defined(OPENSSL_NO_SEED) && !defined(NO_SEED)
+ # define NO_SEED
+ # endif
+-# if defined(OPENSSL_NO_TLSEXT) && !defined(NO_TLSEXT)
+-# define NO_TLSEXT
+-# endif
+ #endif
+
++#define OPENSSL_CPUID_OBJ
++
+ /* crypto/opensslconf.h.in */
+
+ /* Generate 80386 code? */
+@@ -72,8 +77,8 @@
+
+ #if !(defined(VMS) || defined(__VMS)) /* VMS uses logical names instead */
+ #if defined(HEADER_CRYPTLIB_H) && !defined(OPENSSLDIR)
+-#define ENGINESDIR "/usr/local/ssl/lib/engines"
+-#define OPENSSLDIR "/usr/local/ssl"
++#define ENGINESDIR "/usr/lib/ssl/engines"
++#define OPENSSLDIR "/usr/lib/ssl"
+ #endif
+ #endif
+
+@@ -104,14 +109,14 @@
+ * - Intel P6 because partial register stalls are very expensive;
+ * - elder Alpha because it lacks byte load/store instructions;
+ */
+-#define RC4_INT unsigned int
++#define RC4_INT unsigned char
+ #endif
+ #if !defined(RC4_CHUNK)
+ /*
+ * This enables code handling data aligned at natural CPU word
+ * boundary. See crypto/rc4/rc4_enc.c for further details.
+ */
+-#undef RC4_CHUNK
++#define RC4_CHUNK unsigned long
+ #endif
+ #endif
+
+@@ -119,7 +124,7 @@
+ /* If this is set to 'unsigned int' on a DEC Alpha, this gives about a
+ * %20 speed up (longs are 8 bytes, int's are 4). */
+ #ifndef DES_LONG
+-#define DES_LONG unsigned long
++#define DES_LONG unsigned int
+ #endif
+ #endif
+
+@@ -133,9 +138,9 @@
+ /* The prime number generation stuff may not work when
+ * EIGHT_BIT but I don't care since I've only used this mode
+ * for debuging the bignum libraries */
+-#undef SIXTY_FOUR_BIT_LONG
++#define SIXTY_FOUR_BIT_LONG
+ #undef SIXTY_FOUR_BIT
+-#define THIRTY_TWO_BIT
++#undef THIRTY_TWO_BIT
+ #undef SIXTEEN_BIT
+ #undef EIGHT_BIT
+ #endif
+@@ -149,7 +154,7 @@
+
+ #if defined(HEADER_BF_LOCL_H) && !defined(CONFIG_HEADER_BF_LOCL_H)
+ #define CONFIG_HEADER_BF_LOCL_H
+-#undef BF_PTR
++#define BF_PTR2
+ #endif /* HEADER_BF_LOCL_H */
+
+ #if defined(HEADER_DES_LOCL_H) && !defined(CONFIG_HEADER_DES_LOCL_H)
+@@ -179,7 +184,7 @@
+ /* Unroll the inner loop, this sometimes helps, sometimes hinders.
+ * Very mucy CPU dependant */
+ #ifndef DES_UNROLL
+-#undef DES_UNROLL
++#define DES_UNROLL
+ #endif
+
+ /* These default values were supplied by
+--- openssl-0.9.8g.orig/crypto/x86_64cpuid.pl
++++ openssl-0.9.8g/crypto/x86_64cpuid.pl
+@@ -1,4 +1,4 @@
+-#!/usr/bin/env perl
++#!/usr/local/bin/perl
+
+ $output=shift;
+ $win64a=1 if ($output =~ /win64a\.[s|asm]/);
+@@ -134,5 +134,9 @@
+ .size OPENSSL_ia32_cpuid,.-OPENSSL_ia32_cpuid
+
+ .section .init
++#ifdef OPENSSL_PIC
++ call OPENSSL_cpuid_setup\@PLT
++#else
+ call OPENSSL_cpuid_setup
++#endif
+ ___
+--- openssl-0.9.8g.orig/crypto/md5/asm/md5-x86_64.pl
++++ openssl-0.9.8g/crypto/md5/asm/md5-x86_64.pl
+@@ -1,4 +1,4 @@
+-#!/usr/bin/perl -w
++#!/usr/local/bin/perl
+ #
+ # MD5 optimized for AMD64.
+ #
+--- openssl-0.9.8g.orig/crypto/md5/asm/md5-sparcv9.S
++++ openssl-0.9.8g/crypto/md5/asm/md5-sparcv9.S
+@@ -74,14 +74,14 @@
+ #define Dval R8
+
+ #if defined(MD5_BLOCK_DATA_ORDER)
+-# if defined(OPENSSL_SYSNAME_ULTRASPARC)
++/*# if defined(OPENSSL_SYSNAME_ULTRASPARC)*/
+ # define LOAD lda
+ # define X(i) [%i1+i*4]%asi
+ # define md5_block md5_block_asm_data_order_aligned
+ # define ASI_PRIMARY_LITTLE 0x88
+-# else
++/*# else
+ # error "MD5_BLOCK_DATA_ORDER is supported only on UltraSPARC!"
+-# endif
++# endif*/
+ #else
+ # define LOAD ld
+ # define X(i) [%i1+i*4]
+--- openssl-0.9.8g.orig/crypto/sha/sha.h
++++ openssl-0.9.8g/crypto/sha/sha.h
+@@ -59,6 +59,7 @@
+ #ifndef HEADER_SHA_H
+ #define HEADER_SHA_H
+
++#include <stddef.h>
+ #include <openssl/e_os2.h>
+ #include <stddef.h>
+
+--- openssl-0.9.8g.orig/crypto/sha/asm/sha1-ia64.pl
++++ openssl-0.9.8g/crypto/sha/asm/sha1-ia64.pl
+@@ -1,4 +1,4 @@
+-#!/usr/bin/env perl
++#!/usr/local/bin/perl
+ #
+ # ====================================================================
+ # Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
+--- openssl-0.9.8g.orig/crypto/sha/asm/sha512-sse2.pl
++++ openssl-0.9.8g/crypto/sha/asm/sha512-sse2.pl
+@@ -1,4 +1,4 @@
+-#!/usr/bin/env perl
++#!/usr/local/bin/perl
+ #
+ # ====================================================================
+ # Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
+--- openssl-0.9.8g.orig/crypto/sha/asm/sha512-ia64.pl
++++ openssl-0.9.8g/crypto/sha/asm/sha512-ia64.pl
+@@ -1,4 +1,4 @@
+-#!/usr/bin/env perl
++#!/usr/local/bin/perl
+ #
+ # ====================================================================
+ # Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
+--- openssl-0.9.8g.orig/crypto/rand/md_rand.c
++++ openssl-0.9.8g/crypto/rand/md_rand.c
+@@ -465,8 +465,10 @@
+ MD_Update(&m,local_md,MD_DIGEST_LENGTH);
+ MD_Update(&m,(unsigned char *)&(md_c[0]),sizeof(md_c));
+ #ifndef PURIFY
++#if 0 /* Don't add uninitialised data. */
+ MD_Update(&m,buf,j); /* purify complains */
+ #endif
++#endif
+ k=(st_idx+MD_DIGEST_LENGTH/2)-st_num;
+ if (k > 0)
+ {
+--- openssl-0.9.8g.orig/crypto/des/asm/desboth.pl
++++ openssl-0.9.8g/crypto/des/asm/desboth.pl
+@@ -16,6 +16,11 @@
+
+ &push("edi");
+
++ &call (&label("pic_point0"));
++ &set_label("pic_point0");
++ &blindpop("ebp");
++ &add ("ebp", "\$_GLOBAL_OFFSET_TABLE_+[.-" . &label("pic_point0") . "]");
++
+ &comment("");
+ &comment("Load the data words");
+ &mov($L,&DWP(0,"ebx","",0));
+@@ -47,15 +52,21 @@
+ &mov(&swtmp(2), (DWC(($enc)?"1":"0")));
+ &mov(&swtmp(1), "eax");
+ &mov(&swtmp(0), "ebx");
+- &call("DES_encrypt2");
++ &exch("ebx", "ebp");
++ &call("DES_encrypt2\@PLT");
++ &exch("ebx", "ebp");
+ &mov(&swtmp(2), (DWC(($enc)?"0":"1")));
+ &mov(&swtmp(1), "edi");
+ &mov(&swtmp(0), "ebx");
+- &call("DES_encrypt2");
++ &exch("ebx", "ebp");
++ &call("DES_encrypt2\@PLT");
++ &exch("ebx", "ebp");
+ &mov(&swtmp(2), (DWC(($enc)?"1":"0")));
+ &mov(&swtmp(1), "esi");
+ &mov(&swtmp(0), "ebx");
+- &call("DES_encrypt2");
++ &exch("ebx", "ebp");
++ &call("DES_encrypt2\@PLT");
++ &exch("ebx", "ebp");
+
+ &stack_pop(3);
+ &mov($L,&DWP(0,"ebx","",0));
+--- openssl-0.9.8g.orig/crypto/rc4/asm/rc4-x86_64.pl
++++ openssl-0.9.8g/crypto/rc4/asm/rc4-x86_64.pl
+@@ -1,4 +1,4 @@
+-#!/usr/bin/env perl
++#!/usr/local/bin/perl
+ #
+ # ====================================================================
+ # Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
+--- openssl-0.9.8g.orig/crypto/perlasm/x86unix.pl
++++ openssl-0.9.8g/crypto/perlasm/x86unix.pl
+@@ -399,6 +399,29 @@
+ $stack=4;
+ }
+
++sub main'function_begin_B_static
++ {
++ local($func,$extra)=@_;
++
++ &main'external_label($func);
++ $func=$under.$func;
++
++ local($tmp)=<<"EOF";
++.text
++EOF
++ push(@out,$tmp);
++ if ($main'cpp)
++ { push(@out,"TYPE($func,\@function)\n"); }
++ elsif ($main'coff)
++ { $tmp=push(@out,".def\t$func;\t.scl\t2;\t.type\t32;\t.endef\n"); }
++ elsif ($main'aout and !$main'pic)
++ { }
++ else { push(@out,".type $func,\@function\n"); }
++ push(@out,".align\t$align\n");
++ push(@out,"$func:\n");
++ $stack=4;
++ }
++
+ sub main'function_end
+ {
+ local($func)=@_;
+@@ -730,7 +753,17 @@
+ {
+ $tmp=<<___;
+ .section .init
++#ifdef OPENSSL_PIC
++ pushl %ebx
++ call .pic_point0
++.pic_point0:
++ popl %ebx
++ addl \$_GLOBAL_OFFSET_TABLE_+[.-.pic_point0],%ebx
++ call $under$f\@PLT
++ popl %ebx
++#else
+ call $under$f
++#endif
+ jmp .Linitalign
+ .align $align
+ .Linitalign:
+--- openssl-0.9.8g.orig/crypto/perlasm/cbc.pl
++++ openssl-0.9.8g/crypto/perlasm/cbc.pl
+@@ -122,7 +122,11 @@
+ &mov(&DWP($data_off,"esp","",0), "eax"); # put in array for call
+ &mov(&DWP($data_off+4,"esp","",0), "ebx"); #
+
+- &call($enc_func);
++ &call (&label("pic_point0"));
++ &set_label("pic_point0");
++ &blindpop("ebx");
++ &add ("ebx", "\$_GLOBAL_OFFSET_TABLE_+[.-" . &label("pic_point0") . "]");
++ &call("$enc_func\@PLT");
+
+ &mov("eax", &DWP($data_off,"esp","",0));
+ &mov("ebx", &DWP($data_off+4,"esp","",0));
+@@ -187,7 +191,11 @@
+ &mov(&DWP($data_off,"esp","",0), "eax"); # put in array for call
+ &mov(&DWP($data_off+4,"esp","",0), "ebx"); #
+
+- &call($enc_func);
++ &call (&label("pic_point1"));
++ &set_label("pic_point1");
++ &blindpop("ebx");
++ &add ("ebx", "\$_GLOBAL_OFFSET_TABLE_+[.-" . &label("pic_point1") . "]");
++ &call("$enc_func\@PLT");
+
+ &mov("eax", &DWP($data_off,"esp","",0));
+ &mov("ebx", &DWP($data_off+4,"esp","",0));
+@@ -220,7 +228,11 @@
+ &mov(&DWP($data_off,"esp","",0), "eax"); # put back
+ &mov(&DWP($data_off+4,"esp","",0), "ebx"); #
+
+- &call($dec_func);
++ &call (&label("pic_point2"));
++ &set_label("pic_point2");
++ &blindpop("ebx");
++ &add ("ebx", "\$_GLOBAL_OFFSET_TABLE_+[.-" . &label("pic_point2") . "]");
++ &call("$dec_func\@PLT");
+
+ &mov("eax", &DWP($data_off,"esp","",0)); # get return
+ &mov("ebx", &DWP($data_off+4,"esp","",0)); #
+@@ -263,7 +275,11 @@
+ &mov(&DWP($data_off,"esp","",0), "eax"); # put back
+ &mov(&DWP($data_off+4,"esp","",0), "ebx"); #
+
+- &call($dec_func);
++ &call (&label("pic_point3"));
++ &set_label("pic_point3");
++ &blindpop("ebx");
++ &add ("ebx", "\$_GLOBAL_OFFSET_TABLE_+[.-" . &label("pic_point3") . "]");
++ &call("$dec_func\@PLT");
+
+ &mov("eax", &DWP($data_off,"esp","",0)); # get return
+ &mov("ebx", &DWP($data_off+4,"esp","",0)); #
+--- openssl-0.9.8g.orig/crypto/perlasm/x86_64-xlate.pl
++++ openssl-0.9.8g/crypto/perlasm/x86_64-xlate.pl
+@@ -1,4 +1,4 @@
+-#!/usr/bin/env perl
++#!/usr/local/bin/perl
+
+ # Ascetic x86_64 AT&T to MASM assembler translator by <appro>.
+ #
+--- openssl-0.9.8g.orig/crypto/pkcs7/pk7_mime.c
++++ openssl-0.9.8g/crypto/pkcs7/pk7_mime.c
+@@ -335,9 +335,9 @@
+
+ if(strcmp(hdr->value, "application/x-pkcs7-signature") &&
+ strcmp(hdr->value, "application/pkcs7-signature")) {
+- sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
+ PKCS7err(PKCS7_F_SMIME_READ_PKCS7,PKCS7_R_SIG_INVALID_MIME_TYPE);
+ ERR_add_error_data(2, "type: ", hdr->value);
++ sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
+ sk_BIO_pop_free(parts, BIO_vfree);
+ return NULL;
+ }
+--- openssl-0.9.8g.orig/crypto/bn/asm/ppc.pl
++++ openssl-0.9.8g/crypto/bn/asm/ppc.pl
+@@ -1,4 +1,4 @@
+-#!/usr/bin/env perl
++#!/usr/local/bin/perl
+ #
+ # Implemented as a Perl wrapper as we want to support several different
+ # architectures with single file. We pick up the target based on the
+--- openssl-0.9.8g.orig/crypto/aes/asm/aes-586.pl
++++ openssl-0.9.8g/crypto/aes/asm/aes-586.pl
+@@ -1,4 +1,4 @@
+-#!/usr/bin/env perl
++#!/usr/local/bin/perl
+ #
+ # ====================================================================
+ # Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
+@@ -250,7 +250,7 @@
+ sub _data_word() { my $i; while(defined($i=shift)) { &data_word($i,$i); } }
+
+ &public_label("AES_Te");
+-&function_begin_B("_x86_AES_encrypt");
++&function_begin_B_static("_x86_AES_encrypt");
+ if ($vertical_spin) {
+ # I need high parts of volatile registers to be accessible...
+ &exch ($s1="edi",$key="ebx");
+@@ -539,7 +539,7 @@
+ }
+
+ &public_label("AES_Td");
+-&function_begin_B("_x86_AES_decrypt");
++&function_begin_B_static("_x86_AES_decrypt");
+ # note that caller is expected to allocate stack frame for me!
+ &mov (&DWP(12,"esp"),$key); # save key
+
+@@ -1460,15 +1460,22 @@
+ &public_label("AES_Td");
+ &public_label("AES_Te");
+ &function_begin_B("AES_set_decrypt_key");
++ &push ("ebx");
+ &mov ("eax",&wparam(0));
+ &mov ("ecx",&wparam(1));
+ &mov ("edx",&wparam(2));
+ &sub ("esp",12);
++
++ &call (&label("pic_point0"));
++ &set_label("pic_point0");
++ &blindpop("ebx");
++ &add ("ebx", "\$_GLOBAL_OFFSET_TABLE_+[.-" . &label("pic_point0") . "]");
+ &mov (&DWP(0,"esp"),"eax");
+ &mov (&DWP(4,"esp"),"ecx");
+ &mov (&DWP(8,"esp"),"edx");
+- &call ("AES_set_encrypt_key");
++ &call ("AES_set_encrypt_key\@PLT");
+ &add ("esp",12);
++ &pop ("ebx");
+ &cmp ("eax",0);
+ &je (&label("proceed"));
+ &ret ();
+--- openssl-0.9.8g.orig/crypto/asn1/charmap.pl
++++ openssl-0.9.8g/crypto/asn1/charmap.pl
+@@ -1,4 +1,4 @@
+-#!/usr/local/bin/perl -w
++#!/usr/local/bin/perl
+
+ use strict;
+
+--- openssl-0.9.8g.orig/util/mkerr.pl
++++ openssl-0.9.8g/util/mkerr.pl
+@@ -1,4 +1,4 @@
+-#!/usr/local/bin/perl -w
++#!/usr/local/bin/perl
+
+ my $config = "crypto/err/openssl.ec";
+ my $debug = 0;
+--- openssl-0.9.8g.orig/util/clean-depend.pl
++++ openssl-0.9.8g/util/clean-depend.pl
+@@ -1,4 +1,4 @@
+-#!/usr/local/bin/perl -w
++#!/usr/local/bin/perl
+ # Clean the dependency list in a makefile of standard includes...
+ # Written by Ben Laurie <ben@algroup.co.uk> 19 Jan 1999
+
+--- openssl-0.9.8g.orig/util/extract-names.pl
++++ openssl-0.9.8g/util/extract-names.pl
+@@ -1,4 +1,4 @@
+-#!/usr/bin/perl
++#!/usr/local/bin/perl
+
+ $/ = ""; # Eat a paragraph at once.
+ while(<STDIN>) {
+--- openssl-0.9.8g.orig/util/pod2man.pl
++++ openssl-0.9.8g/util/pod2man.pl
+@@ -1,4 +1,4 @@
+-: #!/usr/bin/perl-5.005
++#!/usr/local/bin/perl
+ eval 'exec /usr/bin/perl -S $0 ${1+"$@"}'
+ if $running_under_some_shell;
+
+--- openssl-0.9.8g.orig/util/mkstack.pl
++++ openssl-0.9.8g/util/mkstack.pl
+@@ -1,4 +1,4 @@
+-#!/usr/local/bin/perl -w
++#!/usr/local/bin/perl
+
+ # This is a utility that searches out "DECLARE_STACK_OF()"
+ # declarations in .h and .c files, and updates/creates/replaces
+--- openssl-0.9.8g.orig/util/selftest.pl
++++ openssl-0.9.8g/util/selftest.pl
+@@ -1,4 +1,4 @@
+-#!/usr/local/bin/perl -w
++#!/usr/local/bin/perl
+ #
+ # Run the test suite and generate a report
+ #
+--- openssl-0.9.8g.orig/util/extract-section.pl
++++ openssl-0.9.8g/util/extract-section.pl
+@@ -1,4 +1,4 @@
+-#!/usr/bin/perl
++#!/usr/local/bin/perl
+
+ while(<STDIN>) {
+ if (/=for\s+comment\s+openssl_manual_section:(\S+)/)
+--- openssl-0.9.8g.orig/util/mkdef.pl
++++ openssl-0.9.8g/util/mkdef.pl
+@@ -1,4 +1,4 @@
+-#!/usr/local/bin/perl -w
++#!/usr/local/bin/perl
+ #
+ # generate a .def file
+ #
+--- openssl-0.9.8g.orig/util/pl/netware.pl
++++ openssl-0.9.8g/util/pl/netware.pl
+@@ -1,4 +1,4 @@
+-# Metrowerks Codewarrior for NetWare
++#!/usr/local/bin/perl
+ #
+
+ # The import files and other misc imports needed to link
diff --git a/recipes/openssl/openssl-0.9.8g/shared-libs.patch b/recipes/openssl/openssl-0.9.8g/shared-libs.patch
new file mode 100644
index 0000000000..db98582443
--- /dev/null
+++ b/recipes/openssl/openssl-0.9.8g/shared-libs.patch
@@ -0,0 +1,45 @@
+diff -urN openssl-0.9.8g.orig/crypto/Makefile openssl-0.9.8g/crypto/Makefile
+--- openssl-0.9.8g.orig/crypto/Makefile 2006-02-04 02:48:41.000000000 +0100
++++ openssl-0.9.8g/crypto/Makefile 2008-05-12 15:17:03.000000000 +0200
+@@ -103,7 +103,7 @@
+
+ shared: buildinf.h lib subdirs
+ if [ -n "$(SHARED_LIBS)" ]; then \
+- (cd ..; $(MAKE) $(SHARED_LIB)); \
++ (cd ..; $(MAKE) -e $(SHARED_LIB)); \
+ fi
+
+ libs:
+diff -urN openssl-0.9.8g.orig/Makefile.org openssl-0.9.8g/Makefile.org
+--- openssl-0.9.8g.orig/Makefile.org 2007-04-24 01:49:54.000000000 +0200
++++ openssl-0.9.8g/Makefile.org 2008-05-12 15:16:34.000000000 +0200
+@@ -246,7 +246,7 @@
+
+ libcrypto$(SHLIB_EXT): libcrypto.a
+ @if [ "$(SHLIB_TARGET)" != "" ]; then \
+- $(MAKE) SHLIBDIRS=crypto build-shared; \
++ $(MAKE) -e SHLIBDIRS=crypto build-shared; \
+ else \
+ echo "There's no support for shared libraries on this platform" >&2; \
+ exit 1; \
+@@ -254,7 +254,7 @@
+
+ libssl$(SHLIB_EXT): libcrypto$(SHLIB_EXT) libssl.a
+ @if [ "$(SHLIB_TARGET)" != "" ]; then \
+- $(MAKE) SHLIBDIRS=ssl SHLIBDEPS='-lcrypto' build-shared; \
++ $(MAKE) -e SHLIBDIRS=ssl SHLIBDEPS='-lcrypto' build-shared; \
+ else \
+ echo "There's no support for shared libraries on this platform" >&2; \
+ exit 1; \
+diff -urN openssl-0.9.8g.orig/ssl/Makefile openssl-0.9.8g/ssl/Makefile
+--- openssl-0.9.8g.orig/ssl/Makefile 2007-10-11 16:36:59.000000000 +0200
++++ openssl-0.9.8g/ssl/Makefile 2008-05-12 15:17:26.000000000 +0200
+@@ -62,7 +62,7 @@
+
+ shared: lib
+ if [ -n "$(SHARED_LIBS)" ]; then \
+- (cd ..; $(MAKE) $(SHARED_LIB)); \
++ (cd ..; $(MAKE) -e $(SHARED_LIB)); \
+ fi
+
+ files:
diff --git a/recipes/openssl/openssl-0.9.8j/configure-targets.patch b/recipes/openssl/openssl-0.9.8j/configure-targets.patch
new file mode 100644
index 0000000000..b68123a233
--- /dev/null
+++ b/recipes/openssl/openssl-0.9.8j/configure-targets.patch
@@ -0,0 +1,24 @@
+
+The number of colons are important :)
+
+Index: openssl-0.9.8g/Configure
+===================================================================
+--- openssl-0.9.8g.orig/Configure 2008-04-12 04:27:22.000000000 +0200
++++ openssl-0.9.8g/Configure 2008-04-12 04:38:56.000000000 +0200
+@@ -395,6 +395,16 @@
+ "linux-alpha-ccc","ccc:-fast -readonly_strings -DL_ENDIAN -DTERMIO::-D_REENTRANT:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL:${no_asm}",
+ "linux-alpha+bwx-ccc","ccc:-fast -readonly_strings -DL_ENDIAN -DTERMIO::-D_REENTRANT:::SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL:${no_asm}",
+
++ # Linux on ARM
++"linux-elf-arm","$ENV{'CC'}:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1::::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"linux-elf-armeb","$ENV{'CC'}:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1::::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"linux-gnueabi-arm","$ENV{'CC'}:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1::::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"linux-gnueabi-armeb","$ENV{'CC'}:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1::::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"linux-uclibcgnueabi-arm","$ENV{'CC'}:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1::::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"linux-uclibcgnueabi-armeb","$ENV{'CC'}:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1::::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++
++"linux-avr32","$ENV{'CC'}:-DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1::::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).",
++
+ #### *BSD [do see comment about ${BSDthreads} above!]
+ "BSD-generic32","gcc:-DTERMIOS -O3 -fomit-frame-pointer -Wall::${BSDthreads}:::BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL:${no_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+ "BSD-x86", "gcc:-DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -Wall::${BSDthreads}:::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_out_asm}:dlfcn:bsd-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
diff --git a/recipes/openssl/openssl-0.9.8j/debian.patch b/recipes/openssl/openssl-0.9.8j/debian.patch
new file mode 100644
index 0000000000..54eec41cc1
--- /dev/null
+++ b/recipes/openssl/openssl-0.9.8j/debian.patch
@@ -0,0 +1,561 @@
+Index: openssl-0.9.8j/Makefile
+===================================================================
+--- openssl-0.9.8j.orig/Makefile 2009-01-07 12:57:01.000000000 +0100
++++ openssl-0.9.8j/Makefile 2009-01-12 14:59:15.000000000 +0100
+@@ -26,10 +26,10 @@
+ # for, say, /usr/ and yet have everything installed to /tmp/somedir/usr/.
+ # Normally it is left empty.
+ INSTALL_PREFIX=
+-INSTALLTOP=/usr/local/ssl
++INSTALLTOP=/usr
+
+ # Do not edit this manually. Use Configure --openssldir=DIR do change this!
+-OPENSSLDIR=/usr/local/ssl
++OPENSSLDIR=/usr/lib/ssl
+
+ # NO_IDEA - Define to build without the IDEA algorithm
+ # NO_RC4 - Define to build without the RC4 algorithm
+@@ -154,10 +154,11 @@
+
+ MAKEFILE= Makefile
+
+-MANDIR=$(OPENSSLDIR)/man
++MANDIR=/usr/share/man
+ MAN1=1
+ MAN3=3
+-MANSUFFIX=
++MANSUFFIX=ssl
++MANSECTION=SSL
+ SHELL=/bin/sh
+
+ TOP= .
+@@ -169,8 +170,8 @@
+ SHARED_SSL=libssl$(SHLIB_EXT)
+ SHARED_FIPS=
+ SHARED_LIBS=
+-SHARED_LIBS_LINK_EXTS=
+-SHARED_LDFLAGS=
++SHARED_LIBS_LINK_EXTS=.so
++SHARED_LDFLAGS=-m64 -Wl,--version-script=openssl.ld
+
+ GENERAL= Makefile
+ BASENAME= openssl
+@@ -445,7 +446,8 @@
+ echo 'Description: OpenSSL cryptography library'; \
+ echo 'Version: '$(VERSION); \
+ echo 'Requires: '; \
+- echo 'Libs: -L$${libdir} -lcrypto $(EX_LIBS)'; \
++ echo 'Libs: -L$${libdir} -lcrypto'; \
++ echo 'Libs.private: $(EX_LIBS)'; \
+ echo 'Cflags: -I$${includedir} $(KRB5_INCLUDES)' ) > libcrypto.pc
+
+ libssl.pc: Makefile
+@@ -458,7 +460,8 @@
+ echo 'Description: Secure Sockets Layer and cryptography libraries'; \
+ echo 'Version: '$(VERSION); \
+ echo 'Requires: '; \
+- echo 'Libs: -L$${libdir} -lssl -lcrypto $(EX_LIBS)'; \
++ echo 'Libs: -L$${libdir} -lssl'; \
++ echo 'Libs.private: -lcrypto $(EX_LIBS)'; \
+ echo 'Cflags: -I$${includedir} $(KRB5_INCLUDES)' ) > libssl.pc
+
+ openssl.pc: Makefile
+@@ -471,7 +474,8 @@
+ echo 'Description: Secure Sockets Layer and cryptography libraries and tools'; \
+ echo 'Version: '$(VERSION); \
+ echo 'Requires: '; \
+- echo 'Libs: -L$${libdir} -lssl -lcrypto $(EX_LIBS)'; \
++ echo 'Libs: -L$${libdir} -lssl -lcrypto'; \
++ echo 'Libs.private: $(EX_LIBS)'; \
+ echo 'Cflags: -I$${includedir} $(KRB5_INCLUDES)' ) > openssl.pc
+
+ Makefile: Makefile.org Configure config
+@@ -615,7 +619,7 @@
+ install_sw:
+ @$(PERL) $(TOP)/util/mkdir-p.pl $(INSTALL_PREFIX)$(INSTALLTOP)/bin \
+ $(INSTALL_PREFIX)$(INSTALLTOP)/lib \
+- $(INSTALL_PREFIX)$(INSTALLTOP)/lib/engines \
++ $(INSTALL_PREFIX)$(INSTALLTOP)/lib/ssl/engines \
+ $(INSTALL_PREFIX)$(INSTALLTOP)/lib/pkgconfig \
+ $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl \
+ $(INSTALL_PREFIX)$(OPENSSLDIR)/misc \
+@@ -693,7 +697,7 @@
+ echo "installing man$$sec/$$fn.$${sec}$(MANSUFFIX)"; \
+ (cd `$(PERL) util/dirname.pl $$i`; \
+ sh -c "$$pod2man \
+- --section=$$sec --center=OpenSSL \
++ --section=$${sec}$(MANSECTION) --center=OpenSSL \
+ --release=$(VERSION) `basename $$i`") \
+ > $(INSTALL_PREFIX)$(MANDIR)/man$$sec/$$fn.$${sec}$(MANSUFFIX); \
+ $(PERL) util/extract-names.pl < $$i | \
+@@ -710,7 +714,7 @@
+ echo "installing man$$sec/$$fn.$${sec}$(MANSUFFIX)"; \
+ (cd `$(PERL) util/dirname.pl $$i`; \
+ sh -c "$$pod2man \
+- --section=$$sec --center=OpenSSL \
++ --section=$${sec}$(MANSECTION) --center=OpenSSL \
+ --release=$(VERSION) `basename $$i`") \
+ > $(INSTALL_PREFIX)$(MANDIR)/man$$sec/$$fn.$${sec}$(MANSUFFIX); \
+ $(PERL) util/extract-names.pl < $$i | \
+Index: openssl-0.9.8j/Configure
+===================================================================
+--- openssl-0.9.8j.orig/Configure 2009-01-12 14:57:20.000000000 +0100
++++ openssl-0.9.8j/Configure 2009-01-12 14:59:15.000000000 +0100
+@@ -1,4 +1,4 @@
+-:
++#!/usr/local/bin/perl
+ eval 'exec perl -S $0 ${1+"$@"}'
+ if $running_under_some_shell;
+ ##
+@@ -315,6 +315,47 @@
+ "osf1-alpha-cc", "cc:-std1 -tune host -O4 -readonly_strings::(unknown):::SIXTY_FOUR_BIT_LONG RC4_CHUNK:${no_asm}:dlfcn:alpha-osf1-shared:::.so",
+ "tru64-alpha-cc", "cc:-std1 -tune host -fast -readonly_strings::-pthread:::SIXTY_FOUR_BIT_LONG RC4_CHUNK:${no_asm}:dlfcn:alpha-osf1-shared::-msym:.so",
+
++# Debian GNU/* (various architectures)
++"debian-alpha","gcc:-DTERMIO -O3 -Wa,--noexecstack -g -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_UNROLL:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-alpha-ev4","gcc:-DTERMIO -O3 -Wa,--noexecstack -mcpu=ev4 -g -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_UNROLL:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-alpha-ev5","gcc:-DTERMIO -O3 -Wa,--noexecstack -mcpu=ev5 -g -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_UNROLL:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-arm","gcc:-DL_ENDIAN -DTERMIO -O2 -Wa,--noexecstack -g -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1::::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-armeb","gcc:-DB_ENDIAN -DTERMIO -O2 -Wa,--noexecstack -g -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1::::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-armel","gcc:-DL_ENDIAN -DTERMIO -O2 -Wa,--noexecstack -g -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1::::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++#"debian-amd64","gcc:-DL_ENDIAN -DTERMIO -O3 -Wa,--noexecstack -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-amd64", "gcc:-m64 -DL_ENDIAN -DTERMIO -O3 -Wa,--noexecstack -g -Wall -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK RC4_CHAR BF_PTR2 DES_INT DES_UNROLL:${x86_64_asm}:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-kfreebsd-amd64","gcc:-m64 -DL_ENDIAN -DTERMIOS -O3 -Wa,--noexecstack -Wall -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK BF_PTR2 DES_INT DES_UNROLL:${x86_64_asm}:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++#"debian-freebsd-alpha","gcc:-DTERMIOS -O -Wa,--noexecstack -fomit-frame-pointer::(unknown):::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_PTR DES_RISC2::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-kfreebsd-i386","gcc:-DL_ENDIAN -DTERMIOS -O3 -Wa,--noexecstack -g -m486 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-hppa","gcc:-DB_ENDIAN -DTERMIO -O2 -Wa,--noexecstack -g -Wall::-D_REENTRANT::-ldl:BN_LLONG MD2_CHAR RC4_INDEX::::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-hurd-i386","gcc:-DL_ENDIAN -DTERMIOS -O3 -Wa,--noexecstack -g -m486 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-ia64","gcc:-DTERMIO -O3 -Wa,--noexecstack -g -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK RC4_CHAR:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++#"debian-i386","gcc:-DL_ENDIAN -DTERMIO -O3 -Wa,--noexecstack -fomit-frame-pointer -m486 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::dlfcn:linux-shared:-fPIC",
++"debian-i386","gcc:-DL_ENDIAN -DTERMIO -O3 -Wa,--noexecstack -g -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-i386-i486","gcc:-DL_ENDIAN -DTERMIO -O3 -march=i486 -Wa,--noexecstack -g -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-i386-i586","gcc:-DL_ENDIAN -DTERMIO -O3 -march=i586 -Wa,--noexecstack -g -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-i386-i686/cmov","gcc:-DL_ENDIAN -DTERMIO -O3 -march=i686 -Wa,--noexecstack -g -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-m68k","gcc:-DB_ENDIAN -DTERMIO -O2 -Wa,--noexecstack -g -Wall::-D_REENTRANT::-ldl:BN_LLONG MD2_CHAR RC4_INDEX::::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-mips", "gcc:-DB_ENDIAN -DTERMIO -O3 -Wa,--noexecstack -g -Wall::-D_REENTRANT::-ldl:BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL DES_RISC2::::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-mipsel", "gcc:-DL_ENDIAN -DTERMIO -O3 -Wa,--noexecstack -g -Wall::-D_REENTRANT::-ldl:BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL DES_RISC2::::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-netbsd-i386", "gcc:-DL_ENDIAN -DTERMIOS -O3 -Wa,--noexecstack -g -m486 -Wall::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-netbsd-m68k", "gcc:-DB_ENDIAN -DTERMIOS -O3 -Wa,--noexecstack -g -Wall::(unknown):::BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL::::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-netbsd-sparc", "gcc:-DB_ENDIAN -DTERMIOS -O3 -Wa,--noexecstack -g -mv8 -Wall::(unknown):::BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL::::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-openbsd-alpha","gcc:-DTERMIOS -O3 -Wa,--noexecstack -g::(unknown):::SIXTY_FOUR_BIT_LONG DES_INT DES_PTR DES_RISC2::::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-openbsd-i386", "gcc:-DL_ENDIAN -DTERMIOS -O3 -Wa,--noexecstack -g -m486::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_out_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-openbsd-mips","gcc:-O2 -Wa,--noexecstack -g -DL_ENDIAN::(unknown)::BN_LLONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC2 DES_PTR BF_PTR:::::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-powerpc","gcc:-DB_ENDIAN -DTERMIO -O3 -Wa,--noexecstack -g -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_UNROLL DES_RISC2 DES_PTR MD2_CHAR RC4_INDEX::linux_ppc32.o::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-ppc64","gcc:-m64 -DB_ENDIAN -DTERMIO -O3 -Wa,--noexecstack -g -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL::linux_ppc64.o::::::::::dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-s390","gcc:-DB_ENDIAN -DTERMIO -O3 -Wa,--noexecstack -g -Wall::-D_REENTRANT::-ldl:BN_LLONG::::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-sh3", "gcc:-DL_ENDIAN -DTERMIO -O3 -Wa,--noexecstack -g -Wall::-D_REENTRANT::-ldl:BN_LLONG::::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-sh4", "gcc:-DL_ENDIAN -DTERMIO -O3 -Wa,--noexecstack -g -Wall::-D_REENTRANT::-ldl:BN_LLONG::::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-sh3eb", "gcc:-DB_ENDIAN -DTERMIO -O3 -Wa,--noexecstack -g -Wall::-D_REENTRANT::-ldl:BN_LLONG::::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-sh4eb", "gcc:-DB_ENDIAN -DTERMIO -O3 -Wa,--noexecstack -g -Wall::-D_REENTRANT::-ldl:BN_LLONG::::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-m32r","gcc:-DB_ENDIAN -DTERMIO -O3 -Wa,--noexecstack -g -Wall::-D_REENTRANT::-ldl:BN_LLONG::::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-sparc","gcc:-DB_ENDIAN -DTERMIO -O3 -Wa,--noexecstack -g -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-sparc-v8","gcc:-DB_ENDIAN -DTERMIO -O3 -Wa,--noexecstack -mcpu=v8 -g -Wall -DBN_DIV2W::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::sparcv8.o:des_enc-sparc.o fcrypt_b.o:::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-sparc-v9","gcc:-DB_ENDIAN -DTERMIO -O3 -mcpu=v9 -Wa,--noexecstack -Wa,-Av8plus -g -Wall -DULTRASPARC -DBN_DIV2W::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::sparcv8plus.o:des_enc-sparc.o fcrypt_b.o:::md5-sparcv8plus.o::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++
+ ####
+ #### Variety of LINUX:-)
+ ####
+@@ -493,7 +534,7 @@
+ # Cygwin
+ "Cygwin-pre1.3", "gcc:-DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall::(unknown):CYGWIN32::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${no_asm}:win32",
+ "Cygwin", "gcc:-DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -march=i486 -Wall:::CYGWIN32::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_coff_asm}:dlfcn:cygwin-shared:-D_WINDLL:-shared:.dll.a",
+-"debug-Cygwin", "gcc:-DTERMIOS -DL_ENDIAN -march=i486 -Wall -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -DOPENSSL_NO_ASM -g -Wformat -Wshadow -Wmissing-prototypes -Wmissing-declarations -Werror:::CYGWIN32:::${no_asm}:dlfcn:cygwin-shared:-D_WINDLL:-shared:.dll.a",
++-"debug-Cygwin", "gcc:-DTERMIOS -DL_ENDIAN -march=i486 -Wall -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -DOPENSSL_NO_ASM -g -Wformat -Wshadow -Wmissing-prototypes -Wmissing-declarations -Werror:::CYGWIN32:::${no_asm}:dlfcn:cygwin-shared:-D_WINDLL:-shared:.dll.a",
+
+ # NetWare from David Ward (dsward@novell.com)
+ # requires either MetroWerks NLM development tools, or gcc / nlmconv
+@@ -1436,6 +1477,8 @@
+ $shlib_minor=$2;
+ }
+
++$shared_ldflag .= " -Wl,--version-script=openssl.ld";
++
+ open(IN,'<Makefile.org') || die "unable to read Makefile.org:$!\n";
+ unlink("$Makefile.new") || die "unable to remove old $Makefile.new:$!\n" if -e "$Makefile.new";
+ open(OUT,">$Makefile.new") || die "unable to create $Makefile.new:$!\n";
+@@ -1523,7 +1566,8 @@
+ elsif ($shared_extension ne "" && $shared_extension =~ /^\.s([ol])\.[^\.]*\.[^\.]*$/)
+ {
+ my $sotmp = $1;
+- s/^SHARED_LIBS_LINK_EXTS=.*/SHARED_LIBS_LINK_EXTS=.s$sotmp.\$(SHLIB_MAJOR) .s$sotmp/;
++# s/^SHARED_LIBS_LINK_EXTS=.*/SHARED_LIBS_LINK_EXTS=.s$sotmp.\$(SHLIB_MAJOR) .s$sotmp/;
++ s/^SHARED_LIBS_LINK_EXTS=.*/SHARED_LIBS_LINK_EXTS=.s$sotmp/;
+ }
+ elsif ($shared_extension ne "" && $shared_extension =~ /^\.[^\.]*\.[^\.]*\.dylib$/)
+ {
+@@ -1645,7 +1689,7 @@
+ if (/^#define\s+OPENSSLDIR/)
+ { print OUT "#define OPENSSLDIR \"$openssldir\"\n"; }
+ elsif (/^#define\s+ENGINESDIR/)
+- { print OUT "#define ENGINESDIR \"$prefix/lib/engines\"\n"; }
++ { print OUT "#define ENGINESDIR \"$prefix/lib/ssl/engines\"\n"; }
+ elsif (/^#((define)|(undef))\s+OPENSSL_EXPORT_VAR_AS_FUNCTION/)
+ { printf OUT "#undef OPENSSL_EXPORT_VAR_AS_FUNCTION\n"
+ if $export_var_as_fn;
+Index: openssl-0.9.8j/config
+===================================================================
+--- openssl-0.9.8j.orig/config 2007-08-01 13:21:35.000000000 +0200
++++ openssl-0.9.8j/config 2009-01-12 14:59:15.000000000 +0100
+@@ -162,8 +162,8 @@
+ echo "${MACHINE}-whatever-linux1"; exit 0
+ ;;
+
+- GNU*)
+- echo "hurd-x86"; exit 0;
++ GNU:*|GNU/*:*)
++ echo "${MACHINE}-gnuish"; exit 0;
+ ;;
+
+ LynxOS:*)
+Index: openssl-0.9.8j/Makefile.org
+===================================================================
+--- openssl-0.9.8j.orig/Makefile.org 2009-01-12 14:56:55.000000000 +0100
++++ openssl-0.9.8j/Makefile.org 2009-01-12 14:59:15.000000000 +0100
+@@ -152,10 +152,11 @@
+
+ MAKEFILE= Makefile
+
+-MANDIR=$(OPENSSLDIR)/man
++MANDIR=/usr/share/man
+ MAN1=1
+ MAN3=3
+-MANSUFFIX=
++MANSUFFIX=ssl
++MANSECTION=SSL
+ SHELL=/bin/sh
+
+ TOP= .
+@@ -443,7 +444,8 @@
+ echo 'Description: OpenSSL cryptography library'; \
+ echo 'Version: '$(VERSION); \
+ echo 'Requires: '; \
+- echo 'Libs: -L$${libdir} -lcrypto $(EX_LIBS)'; \
++ echo 'Libs: -L$${libdir} -lcrypto'; \
++ echo 'Libs.private: $(EX_LIBS)'; \
+ echo 'Cflags: -I$${includedir} $(KRB5_INCLUDES)' ) > libcrypto.pc
+
+ libssl.pc: Makefile
+@@ -456,7 +458,8 @@
+ echo 'Description: Secure Sockets Layer and cryptography libraries'; \
+ echo 'Version: '$(VERSION); \
+ echo 'Requires: '; \
+- echo 'Libs: -L$${libdir} -lssl -lcrypto $(EX_LIBS)'; \
++ echo 'Libs: -L$${libdir} -lssl'; \
++ echo 'Libs.private: -lcrypto $(EX_LIBS)'; \
+ echo 'Cflags: -I$${includedir} $(KRB5_INCLUDES)' ) > libssl.pc
+
+ openssl.pc: Makefile
+@@ -469,7 +472,8 @@
+ echo 'Description: Secure Sockets Layer and cryptography libraries and tools'; \
+ echo 'Version: '$(VERSION); \
+ echo 'Requires: '; \
+- echo 'Libs: -L$${libdir} -lssl -lcrypto $(EX_LIBS)'; \
++ echo 'Libs: -L$${libdir} -lssl -lcrypto'; \
++ echo 'Libs.private: $(EX_LIBS)'; \
+ echo 'Cflags: -I$${includedir} $(KRB5_INCLUDES)' ) > openssl.pc
+
+ Makefile: Makefile.org Configure config
+@@ -613,7 +617,7 @@
+ install_sw:
+ @$(PERL) $(TOP)/util/mkdir-p.pl $(INSTALL_PREFIX)$(INSTALLTOP)/bin \
+ $(INSTALL_PREFIX)$(INSTALLTOP)/lib \
+- $(INSTALL_PREFIX)$(INSTALLTOP)/lib/engines \
++ $(INSTALL_PREFIX)$(INSTALLTOP)/lib/ssl/engines \
+ $(INSTALL_PREFIX)$(INSTALLTOP)/lib/pkgconfig \
+ $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl \
+ $(INSTALL_PREFIX)$(OPENSSLDIR)/misc \
+@@ -691,7 +695,7 @@
+ echo "installing man$$sec/$$fn.$${sec}$(MANSUFFIX)"; \
+ (cd `$(PERL) util/dirname.pl $$i`; \
+ sh -c "$$pod2man \
+- --section=$$sec --center=OpenSSL \
++ --section=$${sec}$(MANSECTION) --center=OpenSSL \
+ --release=$(VERSION) `basename $$i`") \
+ > $(INSTALL_PREFIX)$(MANDIR)/man$$sec/$$fn.$${sec}$(MANSUFFIX); \
+ $(PERL) util/extract-names.pl < $$i | \
+@@ -708,7 +712,7 @@
+ echo "installing man$$sec/$$fn.$${sec}$(MANSUFFIX)"; \
+ (cd `$(PERL) util/dirname.pl $$i`; \
+ sh -c "$$pod2man \
+- --section=$$sec --center=OpenSSL \
++ --section=$${sec}$(MANSECTION) --center=OpenSSL \
+ --release=$(VERSION) `basename $$i`") \
+ > $(INSTALL_PREFIX)$(MANDIR)/man$$sec/$$fn.$${sec}$(MANSUFFIX); \
+ $(PERL) util/extract-names.pl < $$i | \
+Index: openssl-0.9.8j/openssl.ld
+===================================================================
+--- /dev/null 1970-01-01 00:00:00.000000000 +0000
++++ openssl-0.9.8j/openssl.ld 2009-01-12 14:59:15.000000000 +0100
+@@ -0,0 +1,5 @@
++OPENSSL_0.9.8 {
++ global:
++ *;
++};
++
+Index: openssl-0.9.8j/apps/s_time.c
+===================================================================
+--- openssl-0.9.8j.orig/apps/s_time.c 2003-12-27 15:40:17.000000000 +0100
++++ openssl-0.9.8j/apps/s_time.c 2009-01-12 14:59:15.000000000 +0100
+@@ -117,6 +117,7 @@
+
+ /* The following if from times(3) man page. It may need to be changed
+ */
++#undef HZ
+ #ifndef HZ
+ # ifdef _SC_CLK_TCK
+ # define HZ ((double)sysconf(_SC_CLK_TCK))
+Index: openssl-0.9.8j/engines/openssl.ld
+===================================================================
+--- /dev/null 1970-01-01 00:00:00.000000000 +0000
++++ openssl-0.9.8j/engines/openssl.ld 2009-01-12 14:59:15.000000000 +0100
+@@ -0,0 +1,5 @@
++OPENSSL_0.9.8 {
++ global:
++ *;
++};
++
+Index: openssl-0.9.8j/doc/Makefile
+===================================================================
+--- /dev/null 1970-01-01 00:00:00.000000000 +0000
++++ openssl-0.9.8j/doc/Makefile 2009-01-12 14:59:15.000000000 +0100
+@@ -0,0 +1,40 @@
++VERSION =
++
++#PODS = $(wildcard *.pod)
++#MANS = $(addsuffix .man, $(basename $(PODS)))
++
++MANS = openssl.1 ssl.3 crypto.3
++
++P2M = pod2man --center='OpenSSL Documentation' --release="OpenSSL $(VERSION)"
++
++all: manpages
++
++.PHONY: manpages
++
++manpages: openssl.1 crypto.3 ssl.3
++
++openssl.1:
++ $(P2M) --section=1 openssl.pod > openssl.1
++
++crypto.3:
++ $(P2M) --section=3 crypto.pod > crypto.3
++
++ssl.3:
++ $(P2M) --section=3 ssl.pod > ssl.3
++
++.PHONY: install
++install:
++ mkdir -p $(INSTALL_PREFIX)$(INSTALLTOP)/share/man/man1
++ mkdir -p $(INSTALL_PREFIX)$(INSTALLTOP)/share/man/man3
++ install -m 644 -p openssl.1 $(INSTALL_PREFIX)$(INSTALLTOP)/share/man/man1
++ install -m 644 -p crypto.3 $(INSTALL_PREFIX)$(INSTALLTOP)/share/man/man3
++ install -m 644 -p ssl.3 $(INSTALL_PREFIX)$(INSTALLTOP)/share/man/man3
++ rm -f $(MANS)
++
++.PHONY: clean
++clean:
++ rm -f $(MANS)
++
++.PHONY: realclean
++realclean:
++ -$(MAKE) clean
+Index: openssl-0.9.8j/doc/apps/c_rehash.pod
+===================================================================
+--- /dev/null 1970-01-01 00:00:00.000000000 +0000
++++ openssl-0.9.8j/doc/apps/c_rehash.pod 2009-01-12 14:59:15.000000000 +0100
+@@ -0,0 +1,55 @@
++
++=pod
++
++=head1 NAME
++
++c_rehash - Create symbolic links to files named by the hash values
++
++=head1 SYNOPSIS
++
++B<c_rehash>
++[directory] ...
++
++=head1 DESCRIPTION
++
++c_rehash scans directories and takes a hash value of each .pem and .crt file in the directory. It then creates symbolic links for each of the files named by the hash value. This is useful as many programs require directories to be set up like this in order to find the certificates they require.
++
++If any directories are named on the command line then these directories are processed in turn. If not then and the environment variable SSL_CERT_DIR is defined then that is consulted. This variable should be a colon (:) separated list of directories, all of which will be processed. If neither of these conditions are true then /usr/lib/ssl/certs is processed.
++
++For each directory that is to be processed he user must have write permissions on the directory, if they do not then nothing will be printed for that directory.
++
++Note that this program deletes all the symbolic links that look like ones that it creates before processing a directory. Beware that if you run the program on a directory that contains symbolic links for other purposes that are named in the same format as those created by this program they will be lost.
++
++The hashes for certificate files are of the form <hash>.<n> where n is an integer. If the hash value already exists then n will be incremented, unless the file is a duplicate. Duplicates are detected using the fingerprint of the certificate. A warning will be printed if a duplicate is detected. The hashes for CRL files are of the form <hash>.r<n> and have the same behavior.
++
++The program will also warn if there are files with extension .pem which are not certificate or CRL files.
++
++The program uses the openssl program to compute the hashes and fingerprints. It expects the executable to be named openssl and be on the PATH, or in the /usr/lib/ssl/bin directory. If the OPENSSL environment variable is defined then this is used instead as the executable that provides the hashes and fingerprints. When called as $OPENSSL x509 -hash -fingerprint -noout -in $file it must output the hash of $file on the first line followed by the fingerprint on the second line, optionally prefixed with some text and an equals sign (=).
++
++=head1 OPTIONS
++
++None
++
++=head1 ENVIRONMENT
++
++=over 4
++
++=item B<OPENSSL>
++
++The name (and path) of an executable to use to generate hashes and fingerprints (see above).
++
++=item B<SSL_CERT_DIR>
++
++Colon separated list of directories to operate on. Ignored if directories are listed on the command line.
++
++=head1 SEE ALSO
++
++L<openssl(1)|openssl(1)>, L<x509(1)|x509(1)>
++
++=back
++
++=head1 BUGS
++
++No known bugs
++
++=cut
+Index: openssl-0.9.8j/crypto/Makefile
+===================================================================
+--- openssl-0.9.8j.orig/crypto/Makefile 2009-01-12 14:56:55.000000000 +0100
++++ openssl-0.9.8j/crypto/Makefile 2009-01-12 14:59:15.000000000 +0100
+@@ -57,7 +57,7 @@
+ echo " #define DATE \"`LC_ALL=C LC_TIME=C date`\""; \
+ echo '#endif' ) >buildinf.h
+
+-x86cpuid-elf.s: x86cpuid.pl perlasm/x86asm.pl
++x86cpuid-elf.S: x86cpuid.pl perlasm/x86asm.pl
+ $(PERL) x86cpuid.pl elf $(CFLAGS) $(PROCESSOR) > $@
+ x86cpuid-cof.s: x86cpuid.pl perlasm/x86asm.pl
+ $(PERL) x86cpuid.pl coff $(CFLAGS) $(PROCESSOR) > $@
+@@ -70,7 +70,7 @@
+ uplink-cof.s: ../ms/uplink.pl
+ $(PERL) ../ms/uplink.pl coff > $@
+
+-x86_64cpuid.s: x86_64cpuid.pl
++x86_64cpuid.S: x86_64cpuid.pl
+ $(PERL) x86_64cpuid.pl $@
+ ia64cpuid.s: ia64cpuid.S
+ $(CC) $(CFLAGS) -E ia64cpuid.S > $@
+Index: openssl-0.9.8j/crypto/opensslconf.h
+===================================================================
+--- openssl-0.9.8j.orig/crypto/opensslconf.h 2009-01-07 12:57:01.000000000 +0100
++++ openssl-0.9.8j/crypto/opensslconf.h 2009-01-12 14:59:15.000000000 +0100
+@@ -20,6 +20,9 @@
+ #ifndef OPENSSL_NO_JPAKE
+ # define OPENSSL_NO_JPAKE
+ #endif
++#ifndef OPENSSL_NO_IDEA
++# define OPENSSL_NO_IDEA
++#endif
+ #ifndef OPENSSL_NO_KRB5
+ # define OPENSSL_NO_KRB5
+ #endif
+@@ -62,6 +65,9 @@
+ # if defined(OPENSSL_NO_JPAKE) && !defined(NO_JPAKE)
+ # define NO_JPAKE
+ # endif
++# if defined(OPENSSL_NO_IDEA) && !defined(NO_IDEA)
++# define NO_IDEA
++# endif
+ # if defined(OPENSSL_NO_KRB5) && !defined(NO_KRB5)
+ # define NO_KRB5
+ # endif
+@@ -101,8 +107,8 @@
+
+ #if !(defined(VMS) || defined(__VMS)) /* VMS uses logical names instead */
+ #if defined(HEADER_CRYPTLIB_H) && !defined(OPENSSLDIR)
+-#define ENGINESDIR "/usr/local/ssl/lib/engines"
+-#define OPENSSLDIR "/usr/local/ssl"
++#define ENGINESDIR "/usr/lib/ssl/engines"
++#define OPENSSLDIR "/usr/lib/ssl"
+ #endif
+ #endif
+
+@@ -133,14 +139,14 @@
+ * - Intel P6 because partial register stalls are very expensive;
+ * - elder Alpha because it lacks byte load/store instructions;
+ */
+-#define RC4_INT unsigned int
++#define RC4_INT unsigned char
+ #endif
+ #if !defined(RC4_CHUNK)
+ /*
+ * This enables code handling data aligned at natural CPU word
+ * boundary. See crypto/rc4/rc4_enc.c for further details.
+ */
+-#undef RC4_CHUNK
++#define RC4_CHUNK unsigned long
+ #endif
+ #endif
+
+@@ -148,7 +154,7 @@
+ /* If this is set to 'unsigned int' on a DEC Alpha, this gives about a
+ * %20 speed up (longs are 8 bytes, int's are 4). */
+ #ifndef DES_LONG
+-#define DES_LONG unsigned long
++#define DES_LONG unsigned int
+ #endif
+ #endif
+
+@@ -162,9 +168,9 @@
+ /* The prime number generation stuff may not work when
+ * EIGHT_BIT but I don't care since I've only used this mode
+ * for debuging the bignum libraries */
+-#undef SIXTY_FOUR_BIT_LONG
++#define SIXTY_FOUR_BIT_LONG
+ #undef SIXTY_FOUR_BIT
+-#define THIRTY_TWO_BIT
++#undef THIRTY_TWO_BIT
+ #undef SIXTEEN_BIT
+ #undef EIGHT_BIT
+ #endif
+@@ -178,7 +184,7 @@
+
+ #if defined(HEADER_BF_LOCL_H) && !defined(CONFIG_HEADER_BF_LOCL_H)
+ #define CONFIG_HEADER_BF_LOCL_H
+-#undef BF_PTR
++#define BF_PTR2
+ #endif /* HEADER_BF_LOCL_H */
+
+ #if defined(HEADER_DES_LOCL_H) && !defined(CONFIG_HEADER_DES_LOCL_H)
+@@ -208,7 +214,7 @@
+ /* Unroll the inner loop, this sometimes helps, sometimes hinders.
+ * Very mucy CPU dependant */
+ #ifndef DES_UNROLL
+-#undef DES_UNROLL
++#define DES_UNROLL
+ #endif
+
+ /* These default values were supplied by
+Index: openssl-0.9.8j/crypto/sha/sha.h
+===================================================================
+--- openssl-0.9.8j.orig/crypto/sha/sha.h 2008-09-16 12:47:28.000000000 +0200
++++ openssl-0.9.8j/crypto/sha/sha.h 2009-01-12 14:59:15.000000000 +0100
+@@ -59,6 +59,7 @@
+ #ifndef HEADER_SHA_H
+ #define HEADER_SHA_H
+
++#include <stddef.h>
+ #include <openssl/e_os2.h>
+ #include <stddef.h>
+
+Index: openssl-0.9.8j/crypto/pkcs7/pk7_mime.c
+===================================================================
+--- openssl-0.9.8j.orig/crypto/pkcs7/pk7_mime.c 2008-11-05 19:36:48.000000000 +0100
++++ openssl-0.9.8j/crypto/pkcs7/pk7_mime.c 2009-01-12 14:59:15.000000000 +0100
+@@ -335,9 +335,9 @@
+
+ if(strcmp(hdr->value, "application/x-pkcs7-signature") &&
+ strcmp(hdr->value, "application/pkcs7-signature")) {
+- sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
+ PKCS7err(PKCS7_F_SMIME_READ_PKCS7,PKCS7_R_SIG_INVALID_MIME_TYPE);
+ ERR_add_error_data(2, "type: ", hdr->value);
++ sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
+ sk_BIO_pop_free(parts, BIO_vfree);
+ return NULL;
+ }
diff --git a/recipes/openssl/openssl-0.9.8j/shared-libs.patch b/recipes/openssl/openssl-0.9.8j/shared-libs.patch
new file mode 100644
index 0000000000..08b0c7594b
--- /dev/null
+++ b/recipes/openssl/openssl-0.9.8j/shared-libs.patch
@@ -0,0 +1,81 @@
+Index: openssl-0.9.8j/crypto/Makefile
+===================================================================
+--- openssl-0.9.8j.orig/crypto/Makefile 2008-09-17 19:10:55.000000000 +0200
++++ openssl-0.9.8j/crypto/Makefile 2009-01-12 18:25:23.000000000 +0100
+@@ -103,7 +103,7 @@
+
+ shared: buildinf.h lib subdirs
+ if [ -n "$(SHARED_LIBS)" ]; then \
+- (cd ..; $(MAKE) $(SHARED_LIB)); \
++ (cd ..; $(MAKE) -e $(SHARED_LIB)); \
+ fi
+
+ libs:
+Index: openssl-0.9.8j/Makefile.org
+===================================================================
+--- openssl-0.9.8j.orig/Makefile.org 2008-12-30 14:26:26.000000000 +0100
++++ openssl-0.9.8j/Makefile.org 2009-01-12 18:25:55.000000000 +0100
+@@ -353,11 +353,11 @@
+ @if [ "$(SHLIB_TARGET)" != "" ]; then \
+ if [ "$(FIPSCANLIB)" = "libfips" ]; then \
+ $(ARD) libcrypto.a fipscanister.o ; \
+- $(MAKE) SHLIBDIRS='crypto' SHLIBDEPS='-lfips' build-shared; \
++ $(MAKE) -e SHLIBDIRS='crypto' SHLIBDEPS='-lfips' build-shared; \
+ $(AR) libcrypto.a fips/fipscanister.o ; \
+ else \
+ if [ "$(FIPSCANLIB)" = "libcrypto" ]; then \
+- FIPSLD_CC=$(CC); CC=fips/fipsld; \
++ FIPSLD_CC="$(CC)"; CC=fips/fipsld; \
+ export CC FIPSLD_CC; \
+ fi; \
+ $(MAKE) -e SHLIBDIRS='crypto' build-shared; \
+@@ -371,7 +371,7 @@
+ @if [ "$(SHLIB_TARGET)" != "" ]; then \
+ shlibdeps=-lcrypto; \
+ [ "$(FIPSCANLIB)" = "libfips" ] && shlibdeps="$$shlibdeps -lfips"; \
+- $(MAKE) SHLIBDIRS=ssl SHLIBDEPS="$$shlibdeps" build-shared; \
++ $(MAKE) -e SHLIBDIRS=ssl SHLIBDEPS="$$shlibdeps" build-shared; \
+ else \
+ echo "There's no support for shared libraries on this platform" >&2 ; \
+ exit 1; \
+@@ -380,7 +380,7 @@
+ fips/fipscanister.o: build_fips
+ libfips$(SHLIB_EXT): fips/fipscanister.o
+ @if [ "$(SHLIB_TARGET)" != "" ]; then \
+- FIPSLD_CC=$(CC); CC=fips/fipsld; export CC FIPSLD_CC; \
++ FIPSLD_CC="$(CC)"; CC=fips/fipsld; export CC FIPSLD_CC; \
+ $(MAKE) -f Makefile.shared -e $(BUILDENV) \
+ CC=$${CC} LIBNAME=fips THIS=$@ \
+ LIBEXTRAS=fips/fipscanister.o \
+Index: openssl-0.9.8j/ssl/Makefile
+===================================================================
+--- openssl-0.9.8j.orig/ssl/Makefile 2008-09-17 19:11:09.000000000 +0200
++++ openssl-0.9.8j/ssl/Makefile 2009-01-12 18:25:02.000000000 +0100
+@@ -62,7 +62,7 @@
+
+ shared: lib
+ if [ -n "$(SHARED_LIBS)" ]; then \
+- (cd ..; $(MAKE) $(SHARED_LIB)); \
++ (cd ..; $(MAKE) -e $(SHARED_LIB)); \
+ fi
+
+ files:
+Index: openssl-0.9.8j/apps/Makefile
+===================================================================
+--- openssl-0.9.8j.orig/apps/Makefile 2008-11-19 17:03:48.000000000 +0100
++++ openssl-0.9.8j/apps/Makefile 2009-01-12 18:26:33.000000000 +0100
+@@ -153,12 +153,12 @@
+ shlib_target=; if [ -n "$(SHARED_LIBS)" ]; then \
+ shlib_target="$(SHLIB_TARGET)"; \
+ elif [ -n "$(FIPSCANLIB)" ]; then \
+- FIPSLD_CC=$(CC); CC=$(TOP)/fips/fipsld; export CC FIPSLD_CC; \
++ FIPSLD_CC="$(CC)"; CC=$(TOP)/fips/fipsld; export CC FIPSLD_CC; \
+ fi; \
+ LIBRARIES="$(LIBSSL) $(LIBKRB5) $(LIBCRYPTO)" ; \
+ [ "x$(FIPSCANLIB)" = "xlibfips" ] && LIBRARIES="$$LIBRARIES -lfips"; \
+ $(MAKE) -f $(TOP)/Makefile.shared -e \
+- CC=$${CC} APPNAME=$(EXE) OBJECTS="$(PROGRAM).o $(E_OBJ)" \
++ CC="$${CC}" APPNAME=$(EXE) OBJECTS="$(PROGRAM).o $(E_OBJ)" \
+ LIBDEPS="$(PEX_LIBS) $$LIBRARIES $(EX_LIBS)" \
+ link_app.$${shlib_target}
+ -(cd ..; \
diff --git a/recipes/openssl/openssl-native_0.9.7g.bb b/recipes/openssl/openssl-native_0.9.7g.bb
new file mode 100644
index 0000000000..f48e123152
--- /dev/null
+++ b/recipes/openssl/openssl-native_0.9.7g.bb
@@ -0,0 +1,16 @@
+inherit pkgconfig native
+
+require openssl.inc
+
+PR = "r2"
+
+SRC_URI += "file://debian.patch;patch=1 \
+ file://armeb.patch;patch=1;pnum=0 \
+ file://gnueabi-arm.patch;patch=1"
+
+FILESPATH = "${@base_set_filespath( ['${FILE_DIRNAME}/openssl-${PV}', '${FILE_DIRNAME}/openssl', '${FILE_DIRNAME}/files', '${FILE_DIRNAME}' ], d)}"
+
+do_install() {
+ :
+}
+
diff --git a/recipes/openssl/openssl-native_0.9.7m.bb b/recipes/openssl/openssl-native_0.9.7m.bb
new file mode 100644
index 0000000000..e7dc7c7e5e
--- /dev/null
+++ b/recipes/openssl/openssl-native_0.9.7m.bb
@@ -0,0 +1,20 @@
+inherit pkgconfig native
+
+require openssl.inc
+
+# This flag can contain target options (e.g -mfpu=neon for armv7-a systems)
+export FULL_OPTIMIZATION = " "
+export BUILD_OPTIMIZATION = " "
+
+PR = "r2"
+
+SRC_URI += "file://debian.patch;patch=1 \
+ file://armeb.patch;patch=1;pnum=0 \
+ file://gnueabi-arm.patch;patch=1"
+
+FILESPATH = "${@base_set_filespath( ['${FILE_DIRNAME}/openssl-${PV}', '${FILE_DIRNAME}/openssl', '${FILE_DIRNAME}/files', '${FILE_DIRNAME}' ], d)}"
+
+do_install() {
+ :
+}
+
diff --git a/recipes/openssl/openssl-native_0.9.8g.bb b/recipes/openssl/openssl-native_0.9.8g.bb
new file mode 100644
index 0000000000..9ae8e391d0
--- /dev/null
+++ b/recipes/openssl/openssl-native_0.9.8g.bb
@@ -0,0 +1,24 @@
+inherit pkgconfig native
+
+DEFAULT_PREFERENCE = "-1"
+
+require openssl.inc
+
+PR = "r1"
+
+# This flag can contain target options (e.g -mfpu=neon for armv7-a systems)
+export FULL_OPTIMIZATION = " "
+export BUILD_OPTIMIZATION = " "
+
+SRC_URI += "file://debian.patch;patch=1 \
+ file://configure-targets.patch;patch=1 \
+ file://shared-libs.patch;patch=1"
+
+PARALLEL_MAKE = ""
+
+FILESPATH = "${@base_set_filespath( ['${FILE_DIRNAME}/openssl-${PV}', '${FILE_DIRNAME}/openssl', '${FILE_DIRNAME}/files', '${FILE_DIRNAME}' ], d)}"
+
+do_install() {
+ :
+}
+
diff --git a/recipes/openssl/openssl-native_0.9.8j.bb b/recipes/openssl/openssl-native_0.9.8j.bb
new file mode 100644
index 0000000000..5f3e3076cb
--- /dev/null
+++ b/recipes/openssl/openssl-native_0.9.8j.bb
@@ -0,0 +1,24 @@
+inherit pkgconfig native
+
+DEFAULT_PREFERENCE = "-1"
+
+require openssl.inc
+
+PR = "r1"
+
+# This flag can contain target options (e.g -mfpu=neon for armv7-a systems)
+export FULL_OPTIMIZATION = " "
+export BUILD_OPTIMIZATION = " "
+
+SRC_URI += "file://configure-targets.patch;patch=1 \
+ file://shared-libs.patch;patch=1 \
+ file://debian.patch;patch=1"
+
+PARALLEL_MAKE = ""
+
+FILESPATH = "${@base_set_filespath( ['${FILE_DIRNAME}/openssl-${PV}', '${FILE_DIRNAME}/openssl', '${FILE_DIRNAME}/files', '${FILE_DIRNAME}' ], d)}"
+
+do_install() {
+ :
+}
+
diff --git a/recipes/openssl/openssl.inc b/recipes/openssl/openssl.inc
new file mode 100644
index 0000000000..2ec1d91e7a
--- /dev/null
+++ b/recipes/openssl/openssl.inc
@@ -0,0 +1,95 @@
+DESCRIPTION = "Secure Socket Layer (SSL) binary and related cryptographic tools."
+HOMEPAGE = "http://www.openssl.org/"
+LICENSE = "openssl"
+SECTION = "libs/network"
+
+SRC_URI = "http://www.openssl.org/source/openssl-${PV}.tar.gz"
+S = "${WORKDIR}/openssl-${PV}"
+
+AR_append = " r"
+CFLAG = "${@base_conditional('SITEINFO_ENDIANESS', 'le', '-DL_ENDIAN', '-DB_ENDIAN', d)} \
+ -DTERMIO ${FULL_OPTIMIZATION} -Wall"
+
+# -02 does not work on mipsel: ssh hangs when it tries to read /dev/urandom
+CFLAG_mtx-1 := "${@'${CFLAG}'.replace('-O2', '')}"
+CFLAG_mtx-2 := "${@'${CFLAG}'.replace('-O2', '')}"
+
+export DIRS = "crypto ssl apps"
+export EX_LIBS = "-lgcc -ldl"
+export AS = "${CC} -c"
+
+PACKAGES =+ "libcrypto libssl"
+FILES_libcrypto = "${libdir}/libcrypto.so.*"
+FILES_libssl = "${libdir}/libssl.so.*"
+
+do_configure () {
+ cd util
+ perl perlpath.pl ${bindir}
+ cd ..
+ ln -sf apps/openssl.pod crypto/crypto.pod ssl/ssl.pod doc/
+
+ os=${HOST_OS}
+ if [ "x$os" = "xlinux-uclibc" ]; then
+ os=linux
+ fi
+ target="$os-${HOST_ARCH}"
+ case $target in
+ linux-arm)
+ target=linux-elf-arm
+ ;;
+ linux-armeb)
+ target=linux-elf-armeb
+ ;;
+ linux-sh3)
+ target=debian-sh3
+ ;;
+ linux-sh4)
+ target=debian-sh4
+ ;;
+ linux-i486)
+ target=debian-i386-i486
+ ;;
+ linux-i586)
+ target=debian-i386-i586
+ ;;
+ linux-i686)
+ target=debian-i386-i686/cmov
+ ;;
+ linux-mips)
+ target=debian-mips
+ ;;
+ linux-mipsel)
+ target=debian-mipsel
+ ;;
+ linux-powerpc)
+ target=linux-ppc
+ ;;
+ linux-supersparc)
+ target=linux-sparcv8
+ ;;
+ linux-sparc)
+ target=linux-sparcv8
+ ;;
+ esac
+ # inject machine-specific flags
+ sed -i -e "s|^\(\"$target\",\s*\"[^:]\+\):\([^:]\+\)|\1:${CFLAG}|g" Configure
+ perl ./Configure shared --prefix=${prefix} --openssldir=${libdir}/ssl $target
+}
+
+do_compile () {
+ oe_runmake
+}
+
+do_stage () {
+ cp --dereference -R include/openssl ${STAGING_INCDIR}/
+ oe_libinstall -a -so libcrypto ${STAGING_LIBDIR}
+ oe_libinstall -a -so libssl ${STAGING_LIBDIR}
+}
+
+do_install () {
+ install -m 0755 -d ${D}${libdir}/pkgconfig
+ oe_runmake INSTALL_PREFIX="${D}" install
+ chmod 644 ${D}${libdir}/pkgconfig/openssl.pc
+ oe_libinstall -so libcrypto ${D}${libdir}
+ oe_libinstall -so libssl ${D}${libdir}
+}
diff --git a/recipes/openssl/openssl_0.9.7e.bb b/recipes/openssl/openssl_0.9.7e.bb
new file mode 100644
index 0000000000..cda364a53d
--- /dev/null
+++ b/recipes/openssl/openssl_0.9.7e.bb
@@ -0,0 +1,7 @@
+require openssl.inc
+
+PR = "r6"
+
+SRC_URI += "file://debian.patch;patch=1 \
+ file://armeb.patch;patch=1 \
+ file://gnueabi-arm.patch;patch=1"
diff --git a/recipes/openssl/openssl_0.9.7g.bb b/recipes/openssl/openssl_0.9.7g.bb
new file mode 100644
index 0000000000..fbd2af26f9
--- /dev/null
+++ b/recipes/openssl/openssl_0.9.7g.bb
@@ -0,0 +1,12 @@
+inherit pkgconfig
+
+require openssl.inc
+
+PR = "r7"
+
+SRC_URI += "file://debian.patch;patch=1 \
+ file://armeb.patch;patch=1;pnum=0 \
+ file://gnueabi-arm.patch;patch=1 \
+ file://gnueabi-armeb.patch;patch=1 \
+ file://uclibcgnueabi.patch;patch=1 \
+ file://avr32.patch;patch=1;pnum=0"
diff --git a/recipes/openssl/openssl_0.9.7m.bb b/recipes/openssl/openssl_0.9.7m.bb
new file mode 100644
index 0000000000..fbd2af26f9
--- /dev/null
+++ b/recipes/openssl/openssl_0.9.7m.bb
@@ -0,0 +1,12 @@
+inherit pkgconfig
+
+require openssl.inc
+
+PR = "r7"
+
+SRC_URI += "file://debian.patch;patch=1 \
+ file://armeb.patch;patch=1;pnum=0 \
+ file://gnueabi-arm.patch;patch=1 \
+ file://gnueabi-armeb.patch;patch=1 \
+ file://uclibcgnueabi.patch;patch=1 \
+ file://avr32.patch;patch=1;pnum=0"
diff --git a/recipes/openssl/openssl_0.9.8g.bb b/recipes/openssl/openssl_0.9.8g.bb
new file mode 100644
index 0000000000..1cb360f967
--- /dev/null
+++ b/recipes/openssl/openssl_0.9.8g.bb
@@ -0,0 +1,11 @@
+inherit pkgconfig
+
+require openssl.inc
+
+PR = "r9"
+
+SRC_URI += "file://debian.patch;patch=1 \
+ file://configure-targets.patch;patch=1 \
+ file://shared-libs.patch;patch=1"
+
+PARALLEL_MAKE = ""
diff --git a/recipes/openssl/openssl_0.9.8j.bb b/recipes/openssl/openssl_0.9.8j.bb
new file mode 100644
index 0000000000..d40fb48bfe
--- /dev/null
+++ b/recipes/openssl/openssl_0.9.8j.bb
@@ -0,0 +1,11 @@
+inherit pkgconfig
+
+require openssl.inc
+
+PR = "r1"
+
+SRC_URI += "file://configure-targets.patch;patch=1 \
+ file://shared-libs.patch;patch=1 \
+ file://debian.patch;patch=1"
+
+PARALLEL_MAKE = ""