summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorTimo Teräs <timo.teras@iki.fi>2015-03-19 16:13:02 +0000
committerTimo Teräs <timo.teras@iki.fi>2015-03-20 07:09:40 +0000
commitfe6a6566db78dfcc252a6b38d6a54d9d1c1d6aa0 (patch)
tree2980f80a300ccebea644509a22d587101b93ac87
parent888b332e55b42f91e3052de5d047fbb087c7ea7b (diff)
downloadaports-fe6a6566db78dfcc252a6b38d6a54d9d1c1d6aa0.tar.bz2
aports-fe6a6566db78dfcc252a6b38d6a54d9d1c1d6aa0.tar.xz
main/openssl: security upgrade to 1.0.1m
-rw-r--r--main/openssl/0001-crypto-hmac-support-EVP_MD_CTX_FLAG_ONESHOT-and-set-.patch97
-rw-r--r--main/openssl/0001-fix-manpages.patch (renamed from main/openssl/fix-manpages.patch)22
-rw-r--r--main/openssl/0002-busybox-basename.patch (renamed from main/openssl/openssl-bb-basename.patch)24
-rw-r--r--main/openssl/0003-use-termios.patch26
-rw-r--r--main/openssl/0004-crypto-engine-autoload-padlock-dynamic-engine.patch33
-rw-r--r--main/openssl/0004-fix-default-ca-path-for-apps.patch104
-rw-r--r--main/openssl/0005-fix-parallel-build.patch (renamed from main/openssl/openssl-1.0.1-parallel-build.patch)93
-rw-r--r--main/openssl/0005-s_client-ircv3-starttls.patch56
-rw-r--r--main/openssl/0006-add-ircv3-tls-3.1-extension-support-to-s_client.patch68
-rw-r--r--main/openssl/0007-reimplement-c_rehash-in-C.patch447
-rw-r--r--main/openssl/0008-maintain-abi-compat-with-no-freelist-and-regular-bui.patch27
-rw-r--r--main/openssl/0009-crypto-hmac-support-EVP_MD_CTX_FLAG_ONESHOT-and-set-.patch88
-rw-r--r--main/openssl/0010-backport-changes-from-upstream-padlock-module.patch (renamed from main/openssl/0002-engines-e_padlock-backport-cvs-head-changes.patch)137
-rw-r--r--main/openssl/0011-engines-e_padlock-implement-sha1-sha224-sha256-accel.patch (renamed from main/openssl/0003-engines-e_padlock-implement-sha1-sha224-sha256-accel.patch)243
-rw-r--r--main/openssl/0012-crypto-engine-autoload-padlock-dynamic-engine.patch32
-rw-r--r--main/openssl/APKBUILD132
-rw-r--r--main/openssl/abi-compat-no-freelists.patch13
-rw-r--r--main/openssl/c_rehash.c236
-rw-r--r--main/openssl/fix-default-apps-capath.patch102
-rw-r--r--main/openssl/openssl-1.0.1-version-eglibc.patch55
-rw-r--r--main/openssl/openssl-use-termios.patch12
-rw-r--r--main/openssl/version-script-eglibc.patch4664
22 files changed, 1118 insertions, 5593 deletions
diff --git a/main/openssl/0001-crypto-hmac-support-EVP_MD_CTX_FLAG_ONESHOT-and-set-.patch b/main/openssl/0001-crypto-hmac-support-EVP_MD_CTX_FLAG_ONESHOT-and-set-.patch
deleted file mode 100644
index 7d8092607..000000000
--- a/main/openssl/0001-crypto-hmac-support-EVP_MD_CTX_FLAG_ONESHOT-and-set-.patch
+++ /dev/null
@@ -1,97 +0,0 @@
-From ca3e27975dce1d969eeb41f5d882b34cb3eb1efb Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Timo=20Ter=C3=A4s?= <timo.teras@iki.fi>
-Date: Fri, 4 Jun 2010 09:48:39 +0300
-Subject: [PATCH 1/4] crypto/hmac: support EVP_MD_CTX_FLAG_ONESHOT and set it
- properly
-
-Some engines (namely VIA C7 Padlock) work only if EVP_MD_CTX_FLAG_ONESHOT
-is set before final update. This is because some crypto accelerators cannot
-perform non-finalizing transform of the digest.
-
-The usage of EVP_MD_CTX_FLAG_ONESHOT is used semantically slightly
-differently here. It is set before the final EVP_DigestUpdate call, not
-necessarily before EVP_DigestInit call. This will not cause any problems
-though.
----
- crypto/hmac/hmac.c | 15 ++++++++++++---
- 1 file changed, 12 insertions(+), 3 deletions(-)
-
-diff --git a/crypto/hmac/hmac.c b/crypto/hmac/hmac.c
-index ba27cbf..cffa0ba 100644
---- a/crypto/hmac/hmac.c
-+++ b/crypto/hmac/hmac.c
-@@ -104,6 +104,7 @@ int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len,
- OPENSSL_assert(j <= (int)sizeof(ctx->key));
- if (j < len)
- {
-+ EVP_MD_CTX_set_flags(&ctx->md_ctx, EVP_MD_CTX_FLAG_ONESHOT);
- if (!EVP_DigestInit_ex(&ctx->md_ctx,md, impl))
- goto err;
- if (!EVP_DigestUpdate(&ctx->md_ctx,key,len))
-@@ -127,6 +128,7 @@ int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len,
- {
- for (i=0; i<HMAC_MAX_MD_CBLOCK; i++)
- pad[i]=0x36^ctx->key[i];
-+ EVP_MD_CTX_clear_flags(&ctx->i_ctx, EVP_MD_CTX_FLAG_ONESHOT);
- if (!EVP_DigestInit_ex(&ctx->i_ctx,md, impl))
- goto err;
- if (!EVP_DigestUpdate(&ctx->i_ctx,pad,EVP_MD_block_size(md)))
-@@ -134,14 +136,18 @@ int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len,
-
- for (i=0; i<HMAC_MAX_MD_CBLOCK; i++)
- pad[i]=0x5c^ctx->key[i];
-+ EVP_MD_CTX_clear_flags(&ctx->o_ctx, EVP_MD_CTX_FLAG_ONESHOT);
- if (!EVP_DigestInit_ex(&ctx->o_ctx,md, impl))
- goto err;
- if (!EVP_DigestUpdate(&ctx->o_ctx,pad,EVP_MD_block_size(md)))
- goto err;
- }
-+
- if (!EVP_MD_CTX_copy_ex(&ctx->md_ctx,&ctx->i_ctx))
- goto err;
-+ EVP_MD_CTX_clear_flags(&ctx->md_ctx, EVP_MD_CTX_FLAG_ONESHOT);
- return 1;
-+
- err:
- return 0;
- }
-@@ -166,6 +172,7 @@ int HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len)
- {
- unsigned int i;
- unsigned char buf[EVP_MAX_MD_SIZE];
-+
- #ifdef OPENSSL_FIPS
- if (FIPS_mode() && !ctx->i_ctx.engine)
- return FIPS_hmac_final(ctx, md, len);
-@@ -175,6 +182,7 @@ int HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len)
- goto err;
- if (!EVP_MD_CTX_copy_ex(&ctx->md_ctx,&ctx->o_ctx))
- goto err;
-+ EVP_MD_CTX_set_flags(&ctx->md_ctx,EVP_MD_CTX_FLAG_ONESHOT);
- if (!EVP_DigestUpdate(&ctx->md_ctx,buf,i))
- goto err;
- if (!EVP_DigestFinal_ex(&ctx->md_ctx,md,len))
-@@ -231,8 +239,9 @@ unsigned char *HMAC(const EVP_MD *evp_md, const void *key, int key_len,
-
- if (md == NULL) md=m;
- HMAC_CTX_init(&c);
-- if (!HMAC_Init(&c,key,key_len,evp_md))
-+ if (!HMAC_Init_ex(&c,key,key_len,evp_md,NULL))
- goto err;
-+ HMAC_CTX_set_flags(&c,EVP_MD_CTX_FLAG_ONESHOT);
- if (!HMAC_Update(&c,d,n))
- goto err;
- if (!HMAC_Final(&c,md,md_len))
-@@ -245,7 +254,7 @@ unsigned char *HMAC(const EVP_MD *evp_md, const void *key, int key_len,
-
- void HMAC_CTX_set_flags(HMAC_CTX *ctx, unsigned long flags)
- {
-- EVP_MD_CTX_set_flags(&ctx->i_ctx, flags);
-- EVP_MD_CTX_set_flags(&ctx->o_ctx, flags);
-+ EVP_MD_CTX_set_flags(&ctx->i_ctx, flags & ~EVP_MD_CTX_FLAG_ONESHOT);
-+ EVP_MD_CTX_set_flags(&ctx->o_ctx, flags & ~EVP_MD_CTX_FLAG_ONESHOT);
- EVP_MD_CTX_set_flags(&ctx->md_ctx, flags);
- }
---
-1.7.11.3
-
diff --git a/main/openssl/fix-manpages.patch b/main/openssl/0001-fix-manpages.patch
index 082f8a578..144cf5920 100644
--- a/main/openssl/fix-manpages.patch
+++ b/main/openssl/0001-fix-manpages.patch
@@ -11,28 +11,6 @@ index 2134e3a..18a8831 100644
* I've compiled a program under Windows and it crashes: why?
-diff --git a/crypto/rand/md_rand.c b/crypto/rand/md_rand.c
-index 88088ce..e5da17f 100644
---- a/crypto/rand/md_rand.c
-+++ b/crypto/rand/md_rand.c
-@@ -196,7 +196,7 @@ static void ssleay_rand_add(const void *buf, int num, double add)
- int do_not_lock;
-
- /*
-- * (Based on the rand(3) manpage)
-+ * (Based on the openssl_rand(3) manpage)
- *
- * The input is chopped up into units of 20 bytes (or less for
- * the last block). Each of these blocks is run through the hash
-@@ -361,7 +361,7 @@ static int ssleay_rand_bytes(unsigned char *buf, int num)
- num_ceil = (1 + (num-1)/(MD_DIGEST_LENGTH/2)) * (MD_DIGEST_LENGTH/2);
-
- /*
-- * (Based on the rand(3) manpage:)
-+ * (Based on the openssl_rand(3) manpage)
- *
- * For each group of 10 bytes (or less), we do the following:
- *
diff --git a/doc/apps/openssl.pod b/doc/apps/openssl.pod
index 738142e..e904f05 100644
--- a/doc/apps/openssl.pod
diff --git a/main/openssl/openssl-bb-basename.patch b/main/openssl/0002-busybox-basename.patch
index 441c7b91e..9bbc284f3 100644
--- a/main/openssl/openssl-bb-basename.patch
+++ b/main/openssl/0002-busybox-basename.patch
@@ -1,15 +1,26 @@
---- openssl-0.9.8i.orig/Makefile.org Wed Nov 5 21:43:31 2008
-+++ openssl-0.9.8i/Makefile.org Wed Nov 5 22:26:40 2008
-@@ -551,7 +551,7 @@
+From c276ddc394dd402327603959271eac63a2e1ec1c Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Timo=20Ter=C3=A4s?= <timo.teras@iki.fi>
+Date: Thu, 5 Feb 2015 08:40:00 +0200
+Subject: [PATCH] busybox basename
+
+---
+ Makefile.org | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/Makefile.org b/Makefile.org
+index b7a3f96..035fa83 100644
+--- a/Makefile.org
++++ b/Makefile.org
+@@ -649,7 +649,7 @@ install_docs:
filecase=-i; \
- fi; \
+ esac; \
set -e; for i in doc/apps/*.pod; do \
- fn=`basename $$i .pod`; \
+ fn=`basename $$i .pod || true`; \
sec=`$(PERL) util/extract-section.pl 1 < $$i`; \
echo "installing man$$sec/$$fn.$${sec}$(MANSUFFIX)"; \
(cd `$(PERL) util/dirname.pl $$i`; \
-@@ -568,7 +568,7 @@
+@@ -666,7 +666,7 @@ install_docs:
done); \
done; \
set -e; for i in doc/crypto/*.pod doc/ssl/*.pod; do \
@@ -18,3 +29,6 @@
sec=`$(PERL) util/extract-section.pl 3 < $$i`; \
echo "installing man$$sec/$$fn.$${sec}$(MANSUFFIX)"; \
(cd `$(PERL) util/dirname.pl $$i`; \
+--
+2.2.2
+
diff --git a/main/openssl/0003-use-termios.patch b/main/openssl/0003-use-termios.patch
new file mode 100644
index 000000000..3312d1856
--- /dev/null
+++ b/main/openssl/0003-use-termios.patch
@@ -0,0 +1,26 @@
+From 5caf1bdcdb56358c0ce38ef404fedbe323e66cb9 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Timo=20Ter=C3=A4s?= <timo.teras@iki.fi>
+Date: Thu, 5 Feb 2015 08:40:32 +0200
+Subject: [PATCH] use termios
+
+---
+ crypto/ui/ui_openssl.c | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/crypto/ui/ui_openssl.c b/crypto/ui/ui_openssl.c
+index 8bda83c..a89b5f2 100644
+--- a/crypto/ui/ui_openssl.c
++++ b/crypto/ui/ui_openssl.c
+@@ -224,6 +224,9 @@
+ # undef SGTTY
+ #endif
+
++#define TERMIOS
++#undef TERMIO
++
+ #ifdef TERMIOS
+ # include <termios.h>
+ # define TTY_STRUCT struct termios
+--
+2.2.2
+
diff --git a/main/openssl/0004-crypto-engine-autoload-padlock-dynamic-engine.patch b/main/openssl/0004-crypto-engine-autoload-padlock-dynamic-engine.patch
deleted file mode 100644
index f83fc965e..000000000
--- a/main/openssl/0004-crypto-engine-autoload-padlock-dynamic-engine.patch
+++ /dev/null
@@ -1,33 +0,0 @@
-From 21668119c0f83f309b423b8a443dbef5206ab778 Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Timo=20Ter=C3=A4s?= <timo.teras@iki.fi>
-Date: Fri, 4 Jun 2010 18:02:39 +0300
-Subject: [PATCH 4/4] crypto/engine: autoload padlock dynamic engine
-
----
- crypto/engine/eng_all.c | 10 ++++++++++
- 1 file changed, 10 insertions(+)
-
-diff --git a/crypto/engine/eng_all.c b/crypto/engine/eng_all.c
-index 6093376..210b2d7 100644
---- a/crypto/engine/eng_all.c
-+++ b/crypto/engine/eng_all.c
-@@ -120,6 +120,16 @@ void ENGINE_load_builtin_engines(void)
- ENGINE_load_capi();
- #endif
- #endif
-+#ifdef OPENSSL_NO_STATIC_ENGINE
-+ {
-+ ENGINE *e;
-+ e = ENGINE_by_id("padlock");
-+ if (e != NULL) {
-+ ENGINE_add(e);
-+ ENGINE_free(e);
-+ }
-+ }
-+#endif
- ENGINE_register_all_complete();
- }
-
---
-1.7.11.3
-
diff --git a/main/openssl/0004-fix-default-ca-path-for-apps.patch b/main/openssl/0004-fix-default-ca-path-for-apps.patch
new file mode 100644
index 000000000..6e17a71f3
--- /dev/null
+++ b/main/openssl/0004-fix-default-ca-path-for-apps.patch
@@ -0,0 +1,104 @@
+From 09e6425ad6927a825b077af85c50b2fb04773757 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Timo=20Ter=C3=A4s?= <timo.teras@iki.fi>
+Date: Thu, 5 Feb 2015 08:52:05 +0200
+Subject: [PATCH] fix default ca path for apps
+
+---
+ apps/s_client.c | 13 ++++++-------
+ apps/s_server.c | 22 ++++++++++++++--------
+ apps/s_time.c | 13 ++++++-------
+ 3 files changed, 26 insertions(+), 22 deletions(-)
+
+diff --git a/apps/s_client.c b/apps/s_client.c
+index b1152aa..8aee02a 100644
+--- a/apps/s_client.c
++++ b/apps/s_client.c
+@@ -1337,13 +1337,12 @@ int MAIN(int argc, char **argv)
+
+ SSL_CTX_set_verify(ctx, verify, verify_callback);
+
+- if ((!SSL_CTX_load_verify_locations(ctx, CAfile, CApath)) ||
+- (!SSL_CTX_set_default_verify_paths(ctx))) {
+- /*
+- * BIO_printf(bio_err,"error setting default verify locations\n");
+- */
+- ERR_print_errors(bio_err);
+- /* goto end; */
++ if (CAfile == NULL && CApath == NULL) {
++ if (!SSL_CTX_set_default_verify_paths(ctx))
++ ERR_print_errors(bio_err);
++ } else {
++ if (!SSL_CTX_load_verify_locations(ctx, CAfile, CApath))
++ ERR_print_errors(bio_err);
+ }
+
+ ssl_ctx_add_crls(ctx, crls, crl_download);
+diff --git a/apps/s_server.c b/apps/s_server.c
+index baa2455..2d5dc97 100644
+--- a/apps/s_server.c
++++ b/apps/s_server.c
+@@ -1770,12 +1770,14 @@ int MAIN(int argc, char *argv[])
+ }
+ #endif
+
+- if ((!SSL_CTX_load_verify_locations(ctx, CAfile, CApath)) ||
+- (!SSL_CTX_set_default_verify_paths(ctx))) {
+- /* BIO_printf(bio_err,"X509_load_verify_locations\n"); */
+- ERR_print_errors(bio_err);
+- /* goto end; */
++ if (CAfile == NULL && CApath == NULL) {
++ if (!SSL_CTX_set_default_verify_paths(ctx))
++ ERR_print_errors(bio_err);
++ } else {
++ if (!SSL_CTX_load_verify_locations(ctx, CAfile, CApath))
++ ERR_print_errors(bio_err);
+ }
++
+ if (vpm)
+ SSL_CTX_set1_param(ctx, vpm);
+
+@@ -1838,10 +1840,14 @@ int MAIN(int argc, char *argv[])
+ else
+ SSL_CTX_sess_set_cache_size(ctx2, 128);
+
+- if ((!SSL_CTX_load_verify_locations(ctx2, CAfile, CApath)) ||
+- (!SSL_CTX_set_default_verify_paths(ctx2))) {
+- ERR_print_errors(bio_err);
++ if (CAfile == NULL && CApath == NULL) {
++ if (!SSL_CTX_set_default_verify_paths(ctx2))
++ ERR_print_errors(bio_err);
++ } else {
++ if (!SSL_CTX_load_verify_locations(ctx2, CAfile, CApath))
++ ERR_print_errors(bio_err);
+ }
++
+ if (vpm)
+ SSL_CTX_set1_param(ctx2, vpm);
+
+diff --git a/apps/s_time.c b/apps/s_time.c
+index 5846f3a..c8f371a 100644
+--- a/apps/s_time.c
++++ b/apps/s_time.c
+@@ -377,13 +377,12 @@ int MAIN(int argc, char **argv)
+
+ SSL_load_error_strings();
+
+- if ((!SSL_CTX_load_verify_locations(tm_ctx, CAfile, CApath)) ||
+- (!SSL_CTX_set_default_verify_paths(tm_ctx))) {
+- /*
+- * BIO_printf(bio_err,"error setting default verify locations\n");
+- */
+- ERR_print_errors(bio_err);
+- /* goto end; */
++ if (CAfile == NULL && CApath == NULL) {
++ if (!SSL_CTX_set_default_verify_paths(tm_ctx))
++ ERR_print_errors(bio_err);
++ } else {
++ if (!SSL_CTX_load_verify_locations(tm_ctx, CAfile, CApath))
++ ERR_print_errors(bio_err);
+ }
+
+ if (tm_cipher == NULL)
+--
+2.2.2
+
diff --git a/main/openssl/openssl-1.0.1-parallel-build.patch b/main/openssl/0005-fix-parallel-build.patch
index 7c804b543..6232c780d 100644
--- a/main/openssl/openssl-1.0.1-parallel-build.patch
+++ b/main/openssl/0005-fix-parallel-build.patch
@@ -1,37 +1,36 @@
-http://rt.openssl.org/Ticket/Display.html?id=2084
-
---- a/Makefile.org
-+++ b/Makefile.org
-@@ -247,17 +247,17 @@
+diff -ru openssl-1.0.1m.orig/Makefile.org openssl-1.0.1m/Makefile.org
+--- openssl-1.0.1m.orig/Makefile.org 2015-03-19 13:37:10.000000000 +0000
++++ openssl-1.0.1m/Makefile.org 2015-03-19 16:07:39.311988611 +0000
+@@ -273,17 +273,17 @@
build_libs: build_crypto build_ssl build_engines
build_crypto:
- @dir=crypto; target=all; $(BUILD_ONE_CMD)
-+ +@dir=crypto; target=all; $(BUILD_ONE_CMD)
-build_ssl:
-+build_ssl: build_crypto
- @dir=ssl; target=all; $(BUILD_ONE_CMD)
-+ +@dir=ssl; target=all; $(BUILD_ONE_CMD)
-build_engines:
-+build_engines: build_crypto
- @dir=engines; target=all; $(BUILD_ONE_CMD)
-+ +@dir=engines; target=all; $(BUILD_ONE_CMD)
-build_apps:
-+build_apps: build_libs
- @dir=apps; target=all; $(BUILD_ONE_CMD)
-+ +@dir=apps; target=all; $(BUILD_ONE_CMD)
-build_tests:
-+build_tests: build_libs
- @dir=test; target=all; $(BUILD_ONE_CMD)
-+ +@dir=test; target=all; $(BUILD_ONE_CMD)
-build_tools:
-+build_tools: build_libs
- @dir=tools; target=all; $(BUILD_ONE_CMD)
++ +@dir=crypto; target=all; $(BUILD_ONE_CMD)
++build_ssl: build_crypto
++ +@dir=ssl; target=all; $(BUILD_ONE_CMD)
++build_engines: build_crypto
++ +@dir=engines; target=all; $(BUILD_ONE_CMD)
++build_apps: build_libs
++ +@dir=apps; target=all; $(BUILD_ONE_CMD)
++build_tests: build_libs
++ +@dir=test; target=all; $(BUILD_ONE_CMD)
++build_tools: build_libs
+ +@dir=tools; target=all; $(BUILD_ONE_CMD)
all_testapps: build_libs build_testapps
build_testapps:
-@@ -497,9 +497,9 @@
+@@ -538,9 +538,9 @@
dist_pem_h:
(cd crypto/pem; $(MAKE) -e $(BUILDENV) pem.h; $(MAKE) clean)
@@ -43,7 +42,7 @@ http://rt.openssl.org/Ticket/Display.html?id=2084
@$(PERL) $(TOP)/util/mkdir-p.pl $(INSTALL_PREFIX)$(INSTALLTOP)/bin \
$(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR) \
$(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines \
-@@ -508,6 +508,13 @@
+@@ -549,12 +549,19 @@
$(INSTALL_PREFIX)$(OPENSSLDIR)/misc \
$(INSTALL_PREFIX)$(OPENSSLDIR)/certs \
$(INSTALL_PREFIX)$(OPENSSLDIR)/private
@@ -57,8 +56,6 @@ http://rt.openssl.org/Ticket/Display.html?id=2084
@set -e; headerlist="$(EXHEADER)"; for i in $$headerlist;\
do \
(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-@@ -511,7 +511,7 @@
- (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
done;
- @set -e; target=install; $(RECURSIVE_BUILD_CMD)
@@ -66,7 +63,7 @@ http://rt.openssl.org/Ticket/Display.html?id=2084
@set -e; liblist="$(LIBS)"; for i in $$liblist ;\
do \
if [ -f "$$i" ]; then \
-@@ -593,12 +600,7 @@
+@@ -634,12 +641,7 @@
done; \
done
@@ -80,9 +77,10 @@ http://rt.openssl.org/Ticket/Display.html?id=2084
@pod2man="`cd ./util; ./pod2mantest $(PERL)`"; \
here="`pwd`"; \
filecase=; \
---- a/Makefile.shared
-+++ b/Makefile.shared
-@@ -105,6 +105,7 @@ LINK_SO= \
+diff -ru openssl-1.0.1m.orig/Makefile.shared openssl-1.0.1m/Makefile.shared
+--- openssl-1.0.1m.orig/Makefile.shared 2015-01-20 12:33:36.000000000 +0000
++++ openssl-1.0.1m/Makefile.shared 2015-03-19 16:07:39.311988611 +0000
+@@ -105,6 +105,7 @@
SHAREDFLAGS="$${SHAREDFLAGS:-$(CFLAGS) $(SHARED_LDFLAGS)}"; \
LIBPATH=`for x in $$LIBDEPS; do echo $$x; done | sed -e 's/^ *-L//;t' -e d | uniq`; \
LIBPATH=`echo $$LIBPATH | sed -e 's/ /:/g'`; \
@@ -90,7 +88,7 @@ http://rt.openssl.org/Ticket/Display.html?id=2084
LD_LIBRARY_PATH=$$LIBPATH:$$LD_LIBRARY_PATH \
$${SHAREDCMD} $${SHAREDFLAGS} \
-o $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX \
-@@ -122,6 +124,7 @@ SYMLINK_SO= \
+@@ -122,6 +123,7 @@
done; \
fi; \
if [ -n "$$SHLIB_SOVER" ]; then \
@@ -98,9 +96,10 @@ http://rt.openssl.org/Ticket/Display.html?id=2084
( $(SET_X); rm -f $$SHLIB$$SHLIB_SUFFIX; \
ln -s $$prev $$SHLIB$$SHLIB_SUFFIX ); \
fi; \
---- a/crypto/Makefile
-+++ b/crypto/Makefile
-@@ -85,11 +85,11 @@
+diff -ru openssl-1.0.1m.orig/crypto/Makefile openssl-1.0.1m/crypto/Makefile
+--- openssl-1.0.1m.orig/crypto/Makefile 2015-03-19 13:38:24.000000000 +0000
++++ openssl-1.0.1m/crypto/Makefile 2015-03-19 16:08:31.056272678 +0000
+@@ -85,22 +85,22 @@
@if [ -z "$(THIS)" ]; then $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; fi
subdirs:
@@ -114,16 +113,20 @@ http://rt.openssl.org/Ticket/Display.html?id=2084
links:
@$(PERL) $(TOP)/util/mklink.pl ../include/openssl $(EXHEADER)
-@@ -100,7 +100,7 @@
+ @$(PERL) $(TOP)/util/mklink.pl ../test $(TEST)
+ @$(PERL) $(TOP)/util/mklink.pl ../apps $(APPS)
+- @target=links; $(RECURSIVE_MAKE)
++ +@target=links; $(RECURSIVE_MAKE)
+
# lib: $(LIB): are splitted to avoid end-less loop
lib: $(LIB)
@touch lib
-$(LIB): $(LIBOBJ)
+$(LIB): $(LIBOBJ) | subdirs
$(AR) $(LIB) $(LIBOBJ)
+ [ -z "$(FIPSLIBDIR)" ] || $(AR) $(LIB) $(FIPSLIBDIR)fipscanister.o
$(RANLIB) $(LIB) || echo Never mind.
-
-@@ -110,7 +110,7 @@
+@@ -111,7 +111,7 @@
fi
libs:
@@ -132,7 +135,7 @@ http://rt.openssl.org/Ticket/Display.html?id=2084
install:
@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
-@@ -119,7 +119,7 @@
+@@ -120,7 +120,7 @@
(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
done;
@@ -141,8 +144,9 @@ http://rt.openssl.org/Ticket/Display.html?id=2084
lint:
@target=lint; $(RECURSIVE_MAKE)
---- a/engines/Makefile
-+++ b/engines/Makefile
+diff -ru openssl-1.0.1m.orig/engines/Makefile openssl-1.0.1m/engines/Makefile
+--- openssl-1.0.1m.orig/engines/Makefile 2015-03-19 13:38:35.000000000 +0000
++++ openssl-1.0.1m/engines/Makefile 2015-03-19 16:07:39.311988611 +0000
@@ -72,7 +72,7 @@
all: lib subdirs
@@ -170,9 +174,10 @@ http://rt.openssl.org/Ticket/Display.html?id=2084
tags:
ctags $(SRC)
---- a/test/Makefile
-+++ b/test/Makefile
-@@ -123,7 +123,7 @@
+diff -ru openssl-1.0.1m.orig/test/Makefile openssl-1.0.1m/test/Makefile
+--- openssl-1.0.1m.orig/test/Makefile 2015-03-19 13:38:37.000000000 +0000
++++ openssl-1.0.1m/test/Makefile 2015-03-19 16:09:59.571232753 +0000
+@@ -130,7 +130,7 @@
tags:
ctags $(SRC)
@@ -181,7 +186,7 @@ http://rt.openssl.org/Ticket/Display.html?id=2084
apps:
@(cd ..; $(MAKE) DIRS=apps all)
-@@ -365,109 +365,109 @@
+@@ -388,118 +388,118 @@
link_app.$${shlib_target}
$(RSATEST)$(EXE_EXT): $(RSATEST).o $(DLIBCRYPTO)
@@ -300,6 +305,10 @@ http://rt.openssl.org/Ticket/Display.html?id=2084
- @target=$(EVPTEST); $(BUILD_CMD)
+ +@target=$(EVPTEST); $(BUILD_CMD)
+ $(EVPEXTRATEST)$(EXE_EXT): $(EVPEXTRATEST).o $(DLIBCRYPTO)
+- @target=$(EVPEXTRATEST); $(BUILD_CMD)
++ +@target=$(EVPEXTRATEST); $(BUILD_CMD)
+
$(ECDSATEST)$(EXE_EXT): $(ECDSATEST).o $(DLIBCRYPTO)
- @target=$(ECDSATEST); $(BUILD_CMD)
+ +@target=$(ECDSATEST); $(BUILD_CMD)
@@ -324,9 +333,17 @@ http://rt.openssl.org/Ticket/Display.html?id=2084
- @target=$(SRPTEST); $(BUILD_CMD)
+ +@target=$(SRPTEST); $(BUILD_CMD)
+ $(HEARTBEATTEST)$(EXE_EXT): $(HEARTBEATTEST).o $(DLIBCRYPTO)
+- @target=$(HEARTBEATTEST); $(BUILD_CMD_STATIC)
++ +@target=$(HEARTBEATTEST); $(BUILD_CMD_STATIC)
+
+ $(CONSTTIMETEST)$(EXE_EXT): $(CONSTTIMETEST).o
+- @target=$(CONSTTIMETEST) $(BUILD_CMD)
++ +@target=$(CONSTTIMETEST) $(BUILD_CMD)
+
#$(AESTEST).o: $(AESTEST).c
# $(CC) -c $(CFLAGS) -DINTERMEDIATE_VALUE_KAT -DTRACE_KAT_MCT $(AESTEST).c
-@@ -480,7 +480,7 @@
+@@ -512,7 +512,7 @@
# fi
dummytest$(EXE_EXT): dummytest.o $(DLIBCRYPTO)
diff --git a/main/openssl/0005-s_client-ircv3-starttls.patch b/main/openssl/0005-s_client-ircv3-starttls.patch
deleted file mode 100644
index 880cbb651..000000000
--- a/main/openssl/0005-s_client-ircv3-starttls.patch
+++ /dev/null
@@ -1,56 +0,0 @@
---- openssl-1.0.1c/apps/s_client.c
-+++ openssl-1.0.1c.mod/apps/s_client.c
-@@ -344,7 +344,7 @@
- BIO_printf(bio_err," -starttls prot - use the STARTTLS command before starting TLS\n");
- BIO_printf(bio_err," for those protocols that support it, where\n");
- BIO_printf(bio_err," 'prot' defines which one to assume. Currently,\n");
-- BIO_printf(bio_err," only \"smtp\", \"pop3\", \"imap\", \"ftp\" and \"xmpp\"\n");
-+ BIO_printf(bio_err," only \"smtp\", \"pop3\", \"imap\", \"ftp\", \"xmpp\" and \"ircv3\"\n");
- BIO_printf(bio_err," are supported.\n");
- #ifndef OPENSSL_NO_ENGINE
- BIO_printf(bio_err," -engine id - Initialise and use the specified engine\n");
-@@ -546,7 +546,8 @@
- PROTO_POP3,
- PROTO_IMAP,
- PROTO_FTP,
-- PROTO_XMPP
-+ PROTO_XMPP,
-+ PROTO_IRCV3
- };
-
- int MAIN(int, char **);
-@@ -910,6 +911,8 @@
- starttls_proto = PROTO_FTP;
- else if (strcmp(*argv, "xmpp") == 0)
- starttls_proto = PROTO_XMPP;
-+ else if (strcmp(*argv, "ircv3") == 0)
-+ starttls_proto = PROTO_IRCV3;
- else
- goto bad;
- }
-@@ -1484,6 +1487,25 @@
- sbuf[seen] = 0;
- if (!strstr(sbuf, "<proceed"))
- goto shut;
-+ mbuf[0] = 0;
-+ }
-+ if (starttls_proto == PROTO_IRCV3)
-+ {
-+ int seen = 0;
-+ BIO_printf(sbio,"CAP REQ :tls\r\n");
-+ while (!strstr(mbuf,"CAP"))
-+ {
-+ seen = BIO_read(sbio,mbuf,BUFSIZZ);
-+ mbuf[seen] = 0;
-+ }
-+ if (!strstr(mbuf,"ACK"))
-+ goto shut;
-+ BIO_printf(sbio,"CAP END\r\nSTARTTLS\r\n");
-+ while (!strstr(sbuf, "670"))
-+ {
-+ seen = BIO_read(sbio,sbuf,BUFSIZZ);
-+ sbuf[seen] = 0;
-+ }
- mbuf[0] = 0;
- }
-
diff --git a/main/openssl/0006-add-ircv3-tls-3.1-extension-support-to-s_client.patch b/main/openssl/0006-add-ircv3-tls-3.1-extension-support-to-s_client.patch
new file mode 100644
index 000000000..daa6df02f
--- /dev/null
+++ b/main/openssl/0006-add-ircv3-tls-3.1-extension-support-to-s_client.patch
@@ -0,0 +1,68 @@
+From 4785c095dbfb3630ddf6685f23e3a19c7c804cbc Mon Sep 17 00:00:00 2001
+From: William Pitcock <nenolod@dereferenced.org>
+Date: Thu, 5 Feb 2015 09:02:00 +0200
+Subject: [PATCH] add ircv3 tls-3.1 extension support to s_client
+
+---
+ apps/s_client.c | 24 ++++++++++++++++++++++--
+ 1 file changed, 22 insertions(+), 2 deletions(-)
+
+diff --git a/apps/s_client.c b/apps/s_client.c
+index 8aee02a..0a28b89 100644
+--- a/apps/s_client.c
++++ b/apps/s_client.c
+@@ -401,7 +401,7 @@ static void sc_usage(void)
+ BIO_printf(bio_err,
+ " 'prot' defines which one to assume. Currently,\n");
+ BIO_printf(bio_err,
+- " only \"smtp\", \"pop3\", \"imap\", \"ftp\" and \"xmpp\"\n");
++ " only \"smtp\", \"pop3\", \"imap\", \"ftp\", \"xmpp\" and \"ircv3\"\n");
+ BIO_printf(bio_err, " are supported.\n");
+ #ifndef OPENSSL_NO_ENGINE
+ BIO_printf(bio_err,
+@@ -640,7 +640,8 @@ enum {
+ PROTO_POP3,
+ PROTO_IMAP,
+ PROTO_FTP,
+- PROTO_XMPP
++ PROTO_XMPP,
++ PROTO_IRCV3,
+ };
+
+ int MAIN(int, char **);
+@@ -1062,6 +1063,8 @@ int MAIN(int argc, char **argv)
+ starttls_proto = PROTO_FTP;
+ else if (strcmp(*argv, "xmpp") == 0)
+ starttls_proto = PROTO_XMPP;
++ else if (strcmp(*argv, "ircv3") == 0)
++ starttls_proto = PROTO_IRCV3;
+ else
+ goto bad;
+ }
+@@ -1646,6 +1649,23 @@ int MAIN(int argc, char **argv)
+ goto shut;
+ mbuf[0] = 0;
+ }
++ if (starttls_proto == PROTO_IRCV3) {
++ int seen = 0;
++ BIO_printf(sbio,"CAP REQ :tls\r\n");
++
++ while (!strstr(mbuf,"CAP")) {
++ seen = BIO_read(sbio,mbuf,BUFSIZZ);
++ mbuf[seen] = 0;
++ }
++ if (!strstr(mbuf,"ACK"))
++ goto shut;
++ BIO_printf(sbio,"CAP END\r\nSTARTTLS\r\n");
++ while (!strstr(sbuf, "670")) {
++ seen = BIO_read(sbio,sbuf,BUFSIZZ);
++ sbuf[seen] = 0;
++ }
++ mbuf[0] = 0;
++ }
+
+ for (;;) {
+ FD_ZERO(&readfds);
+--
+2.2.2
+
diff --git a/main/openssl/0007-reimplement-c_rehash-in-C.patch b/main/openssl/0007-reimplement-c_rehash-in-C.patch
new file mode 100644
index 000000000..eee75d14f
--- /dev/null
+++ b/main/openssl/0007-reimplement-c_rehash-in-C.patch
@@ -0,0 +1,447 @@
+From f9044ad2a216f984481645671ccc30a043849fb1 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Timo=20Ter=C3=A4s?= <timo.teras@iki.fi>
+Date: Thu, 5 Feb 2015 09:11:27 +0200
+Subject: [PATCH] reimplement c_rehash in C
+
+---
+ apps/Makefile | 4 +-
+ apps/c_rehash.c | 383 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++
+ tools/Makefile | 3 +-
+ 3 files changed, 386 insertions(+), 4 deletions(-)
+ create mode 100644 apps/c_rehash.c
+
+diff --git a/apps/Makefile b/apps/Makefile
+index 72657ea..3aa03e0 100644
+--- a/apps/Makefile
++++ b/apps/Makefile
+@@ -36,7 +36,7 @@ SCRIPTS=CA.sh CA.pl tsget
+ EXE= $(PROGRAM)$(EXE_EXT)
+
+ E_EXE= verify asn1pars req dgst dh dhparam enc passwd gendh errstr \
+- ca crl rsa rsautl dsa dsaparam ec ecparam \
++ ca crl c_rehash rsa rsautl dsa dsaparam ec ecparam \
+ x509 genrsa gendsa genpkey s_server s_client speed \
+ s_time version pkcs7 cms crl2pkcs7 sess_id ciphers nseq pkcs12 \
+ pkcs8 pkey pkeyparam pkeyutl spkac smime rand engine ocsp prime ts srp
+@@ -51,7 +51,7 @@ RAND_OBJ=app_rand.o
+ RAND_SRC=app_rand.c
+
+ E_OBJ= verify.o asn1pars.o req.o dgst.o dh.o dhparam.o enc.o passwd.o gendh.o errstr.o \
+- ca.o pkcs7.o crl2p7.o crl.o \
++ ca.o pkcs7.o crl2p7.o crl.o c_rehash.o \
+ rsa.o rsautl.o dsa.o dsaparam.o ec.o ecparam.o \
+ x509.o genrsa.o gendsa.o genpkey.o s_server.o s_client.o speed.o \
+ s_time.o $(A_OBJ) $(S_OBJ) $(RAND_OBJ) version.o sess_id.o \
+diff --git a/apps/c_rehash.c b/apps/c_rehash.c
+new file mode 100644
+index 0000000..e8d0b86
+--- /dev/null
++++ b/apps/c_rehash.c
+@@ -0,0 +1,383 @@
++/* c_rehash.c - Create hash symlinks for certificates
++ * C implementation based on the original Perl and shell versions
++ *
++ * Copyright (c) 2013-2014 Timo Teräs <timo.teras@iki.fi>
++ * All rights reserved.
++ *
++ * This software is licensed under the MIT License.
++ * Full license available at: http://opensource.org/licenses/MIT
++ */
++
++#include <stdio.h>
++#include <limits.h>
++#include <string.h>
++#include <unistd.h>
++#include <dirent.h>
++#include <sys/stat.h>
++
++#include <openssl/evp.h>
++#include <openssl/pem.h>
++#include <openssl/x509.h>
++
++#include "apps.h"
++
++#undef PROG
++#define PROG c_rehash_main
++
++
++#define MAX_COLLISIONS 256
++#define countof(x) (sizeof(x) / sizeof(x[0]))
++
++#if 0
++#define DEBUG(args...) fprintf(stderr, args)
++#else
++#define DEBUG(args...)
++#endif
++
++struct entry_info {
++ struct entry_info *next;
++ char *filename;
++ unsigned short old_id;
++ unsigned char need_symlink;
++ unsigned char digest[EVP_MAX_MD_SIZE];
++};
++
++struct bucket_info {
++ struct bucket_info *next;
++ struct entry_info *first_entry, *last_entry;
++ unsigned int hash;
++ unsigned short type;
++ unsigned short num_needed;
++};
++
++enum Type {
++ TYPE_CERT = 0,
++ TYPE_CRL
++};
++
++static const char *symlink_extensions[] = { "", "r" };
++static const char *file_extensions[] = { "pem", "crt", "cer", "crl" };
++
++static int evpmdsize;
++static const EVP_MD *evpmd;
++
++static int do_hash_new = 1;
++static int do_hash_old = 0;
++static int do_remove_links = 1;
++static int do_verbose = 0;
++
++static struct bucket_info *hash_table[257];
++
++static void bit_set(unsigned char *set, unsigned bit)
++{
++ set[bit / 8] |= 1 << (bit % 8);
++}
++
++static int bit_isset(unsigned char *set, unsigned bit)
++{
++ return set[bit / 8] & (1 << (bit % 8));
++}
++
++static void add_entry(
++ int type, unsigned int hash,
++ const char *filename, const unsigned char *digest,
++ int need_symlink, unsigned short old_id)
++{
++ struct bucket_info *bi;
++ struct entry_info *ei, *found = NULL;
++ unsigned int ndx = (type + hash) % countof(hash_table);
++
++ for (bi = hash_table[ndx]; bi; bi = bi->next)
++ if (bi->type == type && bi->hash == hash)
++ break;
++ if (!bi) {
++ bi = calloc(1, sizeof(*bi));
++ if (!bi) return;
++ bi->next = hash_table[ndx];
++ bi->type = type;
++ bi->hash = hash;
++ hash_table[ndx] = bi;
++ }
++
++ for (ei = bi->first_entry; ei; ei = ei->next) {
++ if (digest && memcmp(digest, ei->digest, evpmdsize) == 0) {
++ BIO_printf(bio_err,
++ "WARNING: Skipping duplicate certificate in file %s\n",
++ filename);
++ return;
++ }
++ if (!strcmp(filename, ei->filename)) {
++ found = ei;
++ if (!digest) break;
++ }
++ }
++ ei = found;
++ if (!ei) {
++ if (bi->num_needed >= MAX_COLLISIONS) return;
++ ei = calloc(1, sizeof(*ei));
++ if (!ei) return;
++
++ ei->old_id = ~0;
++ ei->filename = strdup(filename);
++ if (bi->last_entry) bi->last_entry->next = ei;
++ if (!bi->first_entry) bi->first_entry = ei;
++ bi->last_entry = ei;
++ }
++
++ if (old_id < ei->old_id) ei->old_id = old_id;
++ if (need_symlink && !ei->need_symlink) {
++ ei->need_symlink = 1;
++ bi->num_needed++;
++ memcpy(ei->digest, digest, evpmdsize);
++ }
++}
++
++static int handle_symlink(const char *filename, const char *fullpath)
++{
++ static char xdigit[] = {
++ 0, 1, 2, 3, 4, 5, 6, 7, 8, 9,-1,-1,-1,-1,-1,-1,
++ -1,10,11,12,13,14,15,-1,-1,-1,-1,-1,-1,-1,-1,-1,
++ -1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,
++ -1,10,11,12,13,14,15
++ };
++ char linktarget[NAME_MAX], *endptr;
++ unsigned int hash = 0;
++ unsigned char ch;
++ int i, type, id;
++ ssize_t n;
++
++ for (i = 0; i < 8; i++) {
++ ch = filename[i] - '0';
++ if (ch >= countof(xdigit) || xdigit[ch] < 0)
++ return -1;
++ hash <<= 4;
++ hash += xdigit[ch];
++ }
++ if (filename[i++] != '.') return -1;
++ for (type = countof(symlink_extensions) - 1; type > 0; type--)
++ if (strcasecmp(symlink_extensions[type], &filename[i]) == 0)
++ break;
++ i += strlen(symlink_extensions[type]);
++
++ id = strtoul(&filename[i], &endptr, 10);
++ if (*endptr != 0) return -1;
++
++ n = readlink(fullpath, linktarget, sizeof(linktarget));
++ if (n >= sizeof(linktarget) || n < 0) return -1;
++ linktarget[n] = 0;
++
++ DEBUG("Found existing symlink %s for %08x (%d), certname %s\n",
++ filename, hash, type, linktarget);
++ add_entry(type, hash, linktarget, NULL, 0, id);
++ return 0;
++}
++
++static int handle_certificate(const char *filename, const char *fullpath)
++{
++ STACK_OF(X509_INFO) *inf;
++ X509_INFO *x;
++ BIO *b;
++ const char *ext;
++ unsigned char digest[EVP_MAX_MD_SIZE];
++ X509_NAME *name = NULL;
++ int i, type, ret = -1;
++
++ ext = strrchr(filename, '.');
++ if (ext == NULL) return 0;
++ for (i = 0; i < countof(file_extensions); i++) {
++ if (strcasecmp(file_extensions[i], ext+1) == 0)
++ break;
++ }
++ if (i >= countof(file_extensions)) return -1;
++
++ b = BIO_new_file(fullpath, "r");
++ if (!b) return -1;
++ inf = PEM_X509_INFO_read_bio(b, NULL, NULL, NULL);
++ BIO_free(b);
++ if (!inf) return -1;
++
++ if (sk_X509_INFO_num(inf) == 1) {
++ x = sk_X509_INFO_value(inf, 0);
++ if (x->x509) {
++ type = TYPE_CERT;
++ name = X509_get_subject_name(x->x509);
++ X509_digest(x->x509, evpmd, digest, NULL);
++ } else if (x->crl) {
++ type = TYPE_CRL;
++ name = X509_CRL_get_issuer(x->crl);
++ X509_CRL_digest(x->crl, evpmd, digest, NULL);
++ }
++ if (name && do_hash_new)
++ add_entry(type, X509_NAME_hash(name), filename, digest, 1, ~0);
++ if (name && do_hash_old)
++ add_entry(type, X509_NAME_hash_old(name), filename, digest, 1, ~0);
++ } else {
++ BIO_printf(bio_err,
++ "WARNING: %s does not contain exactly one certificate or CRL: skipping\n",
++ filename);
++ }
++
++ sk_X509_INFO_pop_free(inf, X509_INFO_free);
++
++ return ret;
++}
++
++static int hash_dir(const char *dirname)
++{
++ struct bucket_info *bi, *nextbi;
++ struct entry_info *ei, *nextei;
++ struct dirent *de;
++ struct stat st;
++ unsigned char idmask[MAX_COLLISIONS / 8];
++ int i, n, nextid, buflen, ret = -1;
++ const char *pathsep;
++ char *buf;
++ DIR *d;
++
++ if (access(dirname, R_OK|W_OK|X_OK) != 0) {
++ BIO_printf(bio_err,
++ "ERROR: Access denied '%s'\n",
++ dirname);
++ return -1;
++ }
++
++ buflen = strlen(dirname);
++ pathsep = (buflen && dirname[buflen-1] == '/') ? "" : "/";
++ buflen += NAME_MAX + 2;
++ buf = malloc(buflen);
++ if (buf == NULL)
++ goto err;
++
++ if (do_verbose) printf("Doing %s\n", dirname);
++ d = opendir(dirname);
++ if (!d) goto err;
++
++ while ((de = readdir(d)) != NULL) {
++ if (snprintf(buf, buflen, "%s%s%s", dirname, pathsep, de->d_name) >= buflen)
++ continue;
++ if (lstat(buf, &st) < 0)
++ continue;
++ if (S_ISLNK(st.st_mode) && handle_symlink(de->d_name, buf) == 0)
++ continue;
++ handle_certificate(de->d_name, buf);
++ }
++ closedir(d);
++
++ for (i = 0; i < countof(hash_table); i++) {
++ for (bi = hash_table[i]; bi; bi = nextbi) {
++ nextbi = bi->next;
++ DEBUG("Type %d, hash %08x, num entries %d:\n", bi->type, bi->hash, bi->num_needed);
++
++ nextid = 0;
++ memset(idmask, 0, (bi->num_needed+7)/8);
++ for (ei = bi->first_entry; ei; ei = ei->next)
++ if (ei->old_id < bi->num_needed)
++ bit_set(idmask, ei->old_id);
++
++ for (ei = bi->first_entry; ei; ei = nextei) {
++ nextei = ei->next;
++ DEBUG("\t(old_id %d, need_symlink %d) Cert %s\n",
++ ei->old_id, ei->need_symlink,
++ ei->filename);
++
++ if (ei->old_id < bi->num_needed) {
++ /* Link exists, and is used as-is */
++ snprintf(buf, buflen, "%08x.%s%d", bi->hash, symlink_extensions[bi->type], ei->old_id);
++ if (do_verbose) printf("link %s -> %s\n", ei->filename, buf);
++ } else if (ei->need_symlink) {
++ /* New link needed (it may replace something) */
++ while (bit_isset(idmask, nextid))
++ nextid++;
++
++ snprintf(buf, buflen, "%s%s%n%08x.%s%d",
++ dirname, pathsep, &n, bi->hash,
++ symlink_extensions[bi->type],
++ nextid);
++ if (do_verbose) printf("link %s -> %s\n", ei->filename, &buf[n]);
++ unlink(buf);
++ symlink(ei->filename, buf);
++ } else if (do_remove_links) {
++ /* Link to be deleted */
++ snprintf(buf, buflen, "%s%s%n%08x.%s%d",
++ dirname, pathsep, &n, bi->hash,
++ symlink_extensions[bi->type],
++ ei->old_id);
++ if (do_verbose) printf("unlink %s\n", &buf[n]);
++ unlink(buf);
++ }
++ free(ei->filename);
++ free(ei);
++ }
++ free(bi);
++ }
++ hash_table[i] = NULL;
++ }
++
++ ret = 0;
++err:
++ free(buf);
++ return ret;
++}
++
++static void c_rehash_usage(void)
++{
++ printf("\
++usage: c_rehash <args> <dirs>\n\
++\n\
++-compat - create new- and old-style hashed links\n\
++-old - use old-style hashing for generating links\n\
++-h - display this help\n\
++-n - do not remove existing links\n\
++-v - be more verbose\n\
++\n");
++}
++
++int MAIN(int argc, char **argv)
++{
++ const char *env, *opt;
++ int i, numargs, r = 0;
++
++ evpmd = EVP_sha1();
++ evpmdsize = EVP_MD_size(evpmd);
++ if (bio_err == NULL)
++ bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);
++
++ numargs = argc;
++ for (i = 1; i < argc; i++) {
++ if (argv[i][0] != '-') continue;
++ if (strcmp(argv[i], "--") == 0) { argv[i] = 0; numargs--; break; }
++ opt = &argv[i][1];
++ if (strcmp(opt, "compat") == 0) {
++ do_hash_new = do_hash_old = 1;
++ } else if (strcmp(opt, "old") == 0) {
++ do_hash_new = 0;
++ do_hash_old = 1;
++ } else if (strcmp(opt, "n") == 0) {
++ do_remove_links = 0;
++ } else if (strcmp(opt, "v") == 0) {
++ do_verbose++;
++ } else {
++ if (strcmp(opt, "h") != 0)
++ BIO_printf(bio_err,"unknown option %s\n", argv[i]);
++ c_rehash_usage();
++ return 1;
++ }
++ argv[i] = 0;
++ numargs--;
++ }
++
++ if (numargs > 1) {
++ for (i = 1; i < argc; i++)
++ if (argv[i]) r |= hash_dir(argv[i]);
++ } else if ((env = getenv("SSL_CERT_DIR")) != NULL) {
++ char *e, *m;
++ m = strdup(env);
++ for (e = strtok(m, ":"); e != NULL; e = strtok(NULL, ":"))
++ r |= hash_dir(e);
++ free(m);
++ } else {
++ r |= hash_dir("/etc/ssl/certs");
++ }
++
++ return r ? 2 : 0;
++}
+diff --git a/tools/Makefile b/tools/Makefile
+index bb6fb71..51190fc 100644
+--- a/tools/Makefile
++++ b/tools/Makefile
+@@ -13,7 +13,7 @@ CFLAGS= $(INCLUDES) $(CFLAG)
+
+ GENERAL=Makefile
+ TEST=
+-APPS= c_rehash
++APPS=
+ MISC_APPS= c_hash c_info c_issuer c_name
+
+ all:
+@@ -49,7 +49,6 @@ depend:
+ dclean:
+ $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+ mv -f Makefile.new $(MAKEFILE)
+- rm -f c_rehash
+
+ clean:
+ rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+--
+2.2.2
+
diff --git a/main/openssl/0008-maintain-abi-compat-with-no-freelist-and-regular-bui.patch b/main/openssl/0008-maintain-abi-compat-with-no-freelist-and-regular-bui.patch
new file mode 100644
index 000000000..ff3d25eff
--- /dev/null
+++ b/main/openssl/0008-maintain-abi-compat-with-no-freelist-and-regular-bui.patch
@@ -0,0 +1,27 @@
+From 7457e26d3a78c7cd923242d87d04febadddea086 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Timo=20Ter=C3=A4s?= <timo.teras@iki.fi>
+Date: Thu, 5 Feb 2015 10:06:31 +0200
+Subject: [PATCH] maintain abi compat with no-freelist and regular build
+
+---
+ ssl/ssl.h | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/ssl/ssl.h b/ssl/ssl.h
+index 2b0f662..636cb5d 100644
+--- a/ssl/ssl.h
++++ b/ssl/ssl.h
+@@ -1113,6 +1113,10 @@ struct ssl_ctx_st {
+ unsigned int freelist_max_len;
+ struct ssl3_buf_freelist_st *wbuf_freelist;
+ struct ssl3_buf_freelist_st *rbuf_freelist;
++# else
++ unsigned int freelist_dummy0;
++ void *freelist_dummy1;
++ void *freelist_dummy2;
+ # endif
+ # ifndef OPENSSL_NO_SRP
+ SRP_CTX srp_ctx; /* ctx for SRP authentication */
+--
+2.2.2
+
diff --git a/main/openssl/0009-crypto-hmac-support-EVP_MD_CTX_FLAG_ONESHOT-and-set-.patch b/main/openssl/0009-crypto-hmac-support-EVP_MD_CTX_FLAG_ONESHOT-and-set-.patch
new file mode 100644
index 000000000..ef46faa84
--- /dev/null
+++ b/main/openssl/0009-crypto-hmac-support-EVP_MD_CTX_FLAG_ONESHOT-and-set-.patch
@@ -0,0 +1,88 @@
+From 83c96cbc76604daccbc31cea9411555aea96fd6d Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Timo=20Ter=C3=A4s?= <timo.teras@iki.fi>
+Date: Thu, 5 Feb 2015 09:16:51 +0200
+Subject: [PATCH] crypto/hmac: support EVP_MD_CTX_FLAG_ONESHOT and set it
+ properly
+
+Some engines (namely VIA C7 Padlock) work only if EVP_MD_CTX_FLAG_ONESHOT
+is set before final update. This is because some crypto accelerators cannot
+perform non-finalizing transform of the digest.
+
+The usage of EVP_MD_CTX_FLAG_ONESHOT is used semantically slightly
+differently here. It is set before the final EVP_DigestUpdate call, not
+necessarily before EVP_DigestInit call. This will not cause any problems
+though.
+---
+ crypto/hmac/hmac.c | 14 ++++++++++----
+ 1 file changed, 10 insertions(+), 4 deletions(-)
+
+diff --git a/crypto/hmac/hmac.c b/crypto/hmac/hmac.c
+index 1fc9e2c..6f16578 100644
+--- a/crypto/hmac/hmac.c
++++ b/crypto/hmac/hmac.c
+@@ -109,7 +109,8 @@ int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len,
+ j = EVP_MD_block_size(md);
+ OPENSSL_assert(j <= (int)sizeof(ctx->key));
+ if (j < len) {
+- if (!EVP_DigestInit_ex(&ctx->md_ctx, md, impl))
++ EVP_MD_CTX_set_flags(&ctx->md_ctx, EVP_MD_CTX_FLAG_ONESHOT);
++ if (!EVP_DigestInit_ex(&ctx->md_ctx, md, impl))
+ goto err;
+ if (!EVP_DigestUpdate(&ctx->md_ctx, key, len))
+ goto err;
+@@ -129,6 +130,7 @@ int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len,
+ if (reset) {
+ for (i = 0; i < HMAC_MAX_MD_CBLOCK; i++)
+ pad[i] = 0x36 ^ ctx->key[i];
++ EVP_MD_CTX_clear_flags(&ctx->i_ctx, EVP_MD_CTX_FLAG_ONESHOT);
+ if (!EVP_DigestInit_ex(&ctx->i_ctx, md, impl))
+ goto err;
+ if (!EVP_DigestUpdate(&ctx->i_ctx, pad, EVP_MD_block_size(md)))
+@@ -136,6 +138,7 @@ int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len,
+
+ for (i = 0; i < HMAC_MAX_MD_CBLOCK; i++)
+ pad[i] = 0x5c ^ ctx->key[i];
++ EVP_MD_CTX_clear_flags(&ctx->o_ctx, EVP_MD_CTX_FLAG_ONESHOT);
+ if (!EVP_DigestInit_ex(&ctx->o_ctx, md, impl))
+ goto err;
+ if (!EVP_DigestUpdate(&ctx->o_ctx, pad, EVP_MD_block_size(md)))
+@@ -143,6 +146,7 @@ int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len,
+ }
+ if (!EVP_MD_CTX_copy_ex(&ctx->md_ctx, &ctx->i_ctx))
+ goto err;
++ EVP_MD_CTX_clear_flags(&ctx->md_ctx, EVP_MD_CTX_FLAG_ONESHOT);
+ return 1;
+ err:
+ return 0;
+@@ -177,6 +181,7 @@ int HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len)
+ goto err;
+ if (!EVP_MD_CTX_copy_ex(&ctx->md_ctx, &ctx->o_ctx))
+ goto err;
++ EVP_MD_CTX_set_flags(&ctx->md_ctx,EVP_MD_CTX_FLAG_ONESHOT);
+ if (!EVP_DigestUpdate(&ctx->md_ctx, buf, i))
+ goto err;
+ if (!EVP_DigestFinal_ex(&ctx->md_ctx, md, len))
+@@ -233,8 +238,9 @@ unsigned char *HMAC(const EVP_MD *evp_md, const void *key, int key_len,
+ if (md == NULL)
+ md = m;
+ HMAC_CTX_init(&c);
+- if (!HMAC_Init(&c, key, key_len, evp_md))
++ if (!HMAC_Init_ex(&c, key, key_len, evp_md, NULL))
+ goto err;
++ HMAC_CTX_set_flags(&c,EVP_MD_CTX_FLAG_ONESHOT);
+ if (!HMAC_Update(&c, d, n))
+ goto err;
+ if (!HMAC_Final(&c, md, md_len))
+@@ -247,7 +253,7 @@ unsigned char *HMAC(const EVP_MD *evp_md, const void *key, int key_len,
+
+ void HMAC_CTX_set_flags(HMAC_CTX *ctx, unsigned long flags)
+ {
+- EVP_MD_CTX_set_flags(&ctx->i_ctx, flags);
+- EVP_MD_CTX_set_flags(&ctx->o_ctx, flags);
++ EVP_MD_CTX_set_flags(&ctx->i_ctx, flags & ~EVP_MD_CTX_FLAG_ONESHOT);
++ EVP_MD_CTX_set_flags(&ctx->o_ctx, flags & ~EVP_MD_CTX_FLAG_ONESHOT);
+ EVP_MD_CTX_set_flags(&ctx->md_ctx, flags);
+ }
+--
+2.2.2
+
diff --git a/main/openssl/0002-engines-e_padlock-backport-cvs-head-changes.patch b/main/openssl/0010-backport-changes-from-upstream-padlock-module.patch
index 74fc3d8e7..f63bbcd1c 100644
--- a/main/openssl/0002-engines-e_padlock-backport-cvs-head-changes.patch
+++ b/main/openssl/0010-backport-changes-from-upstream-padlock-module.patch
@@ -1,58 +1,68 @@
-Backport changes from upstream padlock module.
+From ba17588a940ee712c3ef6d458adb1087f0c84521 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Timo=20Ter=C3=A4s?= <timo.teras@iki.fi>
+Date: Thu, 5 Feb 2015 09:28:10 +0200
+Subject: [PATCH] backport changes from upstream padlock module.
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
Includes support for VIA Nano 64-bit mode.
Signed-off-by: Timo Teräs <timo.teras@iki.fi>
+---
+ engines/e_padlock.c | 142 +++++++++++++++++++++++++++++++++++++++++++++-------
+ 1 file changed, 125 insertions(+), 17 deletions(-)
-diff -ru openssl-1.0.1k.orig/engines/e_padlock.c openssl-1.0.1k/engines/e_padlock.c
---- openssl-1.0.1k.orig/engines/e_padlock.c 2015-01-08 16:00:56.000000000 -0200
-+++ openssl-1.0.1k/engines/e_padlock.c 2015-01-09 08:08:35.421516799 -0200
+diff --git a/engines/e_padlock.c b/engines/e_padlock.c
+index 2898e4c..94406cb 100644
+--- a/engines/e_padlock.c
++++ b/engines/e_padlock.c
@@ -101,7 +101,10 @@
- compiler choice is limited to GCC and Microsoft C. */
- #undef COMPILE_HW_PADLOCK
- #if !defined(I386_ONLY) && !defined(OPENSSL_NO_INLINE_ASM)
--# if (defined(__GNUC__) && (defined(__i386__) || defined(__i386))) || \
-+# if (defined(__GNUC__) && __GNUC__>=2 && \
-+ (defined(__i386__) || defined(__i386) || \
-+ defined(__x86_64__) || defined(__x86_64)) \
-+ ) || \
+ */
+ # undef COMPILE_HW_PADLOCK
+ # if !defined(I386_ONLY) && !defined(OPENSSL_NO_INLINE_ASM)
+-# if (defined(__GNUC__) && (defined(__i386__) || defined(__i386))) || \
++# if (defined(__GNUC__) && __GNUC__>=2 && \
++ (defined(__i386__) || defined(__i386) || \
++ defined(__x86_64__) || defined(__x86_64)) \
++ ) || \
(defined(_MSC_VER) && defined(_M_IX86))
- # define COMPILE_HW_PADLOCK
- # endif
-@@ -304,6 +307,7 @@
+ # define COMPILE_HW_PADLOCK
+ # endif
+@@ -303,6 +306,7 @@ static volatile struct padlock_cipher_data *padlock_saved_context;
* =======================================================
*/
- #if defined(__GNUC__) && __GNUC__>=2
-+#if defined(__i386__) || defined(__i386)
+ # if defined(__GNUC__) && __GNUC__>=2
++# if defined(__i386__) || defined(__i386)
/*
* As for excessive "push %ebx"/"pop %ebx" found all over.
* When generating position-independent code GCC won't let
-@@ -383,23 +387,6 @@
- return padlock_use_ace + padlock_use_rng;
+@@ -379,22 +383,6 @@ static int padlock_available(void)
+ return padlock_use_ace + padlock_use_rng;
}
--#ifndef OPENSSL_NO_AES
--#ifndef AES_ASM
+-# ifndef OPENSSL_NO_AES
+-# ifndef AES_ASM
-/* Our own htonl()/ntohl() */
--static inline void
--padlock_bswapl(AES_KEY *ks)
+-static inline void padlock_bswapl(AES_KEY *ks)
-{
-- size_t i = sizeof(ks->rd_key)/sizeof(ks->rd_key[0]);
-- unsigned int *key = ks->rd_key;
+- size_t i = sizeof(ks->rd_key) / sizeof(ks->rd_key[0]);
+- unsigned int *key = ks->rd_key;
-
-- while (i--) {
-- asm volatile ("bswapl %0" : "+r"(*key));
-- key++;
-- }
+- while (i--) {
+- asm volatile ("bswapl %0":"+r" (*key));
+- key++;
+- }
-}
--#endif
--#endif
+-# endif
+-# endif
-
- /* Force key reload from memory to the CPU microcode.
- Loading EFLAGS from the stack clears EFLAGS[30]
- which does the trick. */
-@@ -457,12 +444,129 @@
- : "edx", "cc", "memory"); \
- return iv; \
+ /*
+ * Force key reload from memory to the CPU microcode. Loading EFLAGS from the
+ * stack clears EFLAGS[30] which does the trick.
+@@ -448,6 +436,110 @@ static inline void *name(size_t cnt, \
+ : "edx", "cc", "memory"); \
+ return iv; \
}
+#endif
+
@@ -65,7 +75,7 @@ diff -ru openssl-1.0.1k.orig/engines/e_padlock.c openssl-1.0.1k/engines/e_padloc
+{
+ char vendor_string[16];
+ unsigned int eax, edx;
-
++
+ /* Are we running on the Centaur (VIA) CPU? */
+ eax = 0x00000000;
+ vendor_string[12] = 0;
@@ -156,38 +166,35 @@ diff -ru openssl-1.0.1k.orig/engines/e_padlock.c openssl-1.0.1k/engines/e_padloc
+
+#endif /* cpu */
+
-+#ifndef OPENSSL_NO_AES
++
++# ifndef OPENSSL_NO_AES
+
/* Generate all functions with appropriate opcodes */
- PADLOCK_XCRYPT_ASM(padlock_xcrypt_ecb, ".byte 0xf3,0x0f,0xa7,0xc8") /* rep xcryptecb */
- PADLOCK_XCRYPT_ASM(padlock_xcrypt_cbc, ".byte 0xf3,0x0f,0xa7,0xd0") /* rep xcryptcbc */
- PADLOCK_XCRYPT_ASM(padlock_xcrypt_cfb, ".byte 0xf3,0x0f,0xa7,0xe0") /* rep xcryptcfb */
- PADLOCK_XCRYPT_ASM(padlock_xcrypt_ofb, ".byte 0xf3,0x0f,0xa7,0xe8") /* rep xcryptofb */
+ /* rep xcryptecb */
+@@ -458,7 +550,23 @@ PADLOCK_XCRYPT_ASM(padlock_xcrypt_ecb, ".byte 0xf3,0x0f,0xa7,0xc8")
+ PADLOCK_XCRYPT_ASM(padlock_xcrypt_cfb, ".byte 0xf3,0x0f,0xa7,0xe0")
+ /* rep xcryptofb */
+ PADLOCK_XCRYPT_ASM(padlock_xcrypt_ofb, ".byte 0xf3,0x0f,0xa7,0xe8")
+
-+#ifndef AES_ASM
++# ifndef AES_ASM
+/* Our own htonl()/ntohl() */
-+static inline void
-+padlock_bswapl(AES_KEY *ks)
++static inline void padlock_bswapl(AES_KEY *ks)
+{
-+ size_t i = sizeof(ks->rd_key)/sizeof(ks->rd_key[0]);
-+ unsigned int *key = ks->rd_key;
++ size_t i = sizeof(ks->rd_key) / sizeof(ks->rd_key[0]);
++ unsigned int *key = ks->rd_key;
+
-+ while (i--) {
-+ asm volatile ("bswapl %0" : "+r"(*key));
-+ key++;
-+ }
++ while (i--) {
++ asm volatile ("bswapl %0":"+r" (*key));
++ key++;
++ }
+}
-+#endif
- #endif
-
++# endif
++
+ # endif
++
/* The RNG call itself */
-@@ -493,8 +597,8 @@
- static inline unsigned char *
- padlock_memcpy(void *dst,const void *src,size_t n)
+ static inline unsigned int padlock_xstore(void *addr, unsigned int edx_in)
{
-- long *d=dst;
-- const long *s=src;
-+ size_t *d=dst;
-+ const size_t *s=src;
-
- n /= sizeof(*d);
- do { *d++ = *s++; } while (--n);
+--
+2.2.2
+
diff --git a/main/openssl/0003-engines-e_padlock-implement-sha1-sha224-sha256-accel.patch b/main/openssl/0011-engines-e_padlock-implement-sha1-sha224-sha256-accel.patch
index c88edbf8f..5a2cdd633 100644
--- a/main/openssl/0003-engines-e_padlock-implement-sha1-sha224-sha256-accel.patch
+++ b/main/openssl/0011-engines-e_padlock-implement-sha1-sha224-sha256-accel.patch
@@ -1,8 +1,7 @@
-From 77b32d0906eaac4d9adf3e6b7c3b52d927e10b41 Mon Sep 17 00:00:00 2001
+From 728af0306505f1ff91364ac2175fb6bf5da90ec3 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Timo=20Ter=C3=A4s?= <timo.teras@iki.fi>
-Date: Wed, 28 Jul 2010 08:37:58 +0300
-Subject: [PATCH 3/4] engines/e_padlock: implement sha1/sha224/sha256
- acceleration
+Date: Thu, 5 Feb 2015 09:41:12 +0200
+Subject: [PATCH] engines/e_padlock: implement sha1/sha224/sha256 acceleration
Limited support for VIA C7 that works only when EVP_MD_CTX_FLAG_ONESHOT
is used appropriately (as done by EVP_Digest, and my previous HMAC patch).
@@ -25,11 +24,11 @@ sha1 37713.77k 114562.71k 259637.33k 379907.41k 438818.13k
sha256 34262.86k 103233.75k 232476.07k 338386.60k 389860.01k
hmac(sha1) 8424.70k 31475.11k 104036.10k 245559.30k 406667.26k
---
- engines/e_padlock.c | 660 ++++++++++++++++++++++++++++++++++++++++++++++++----
- 1 file changed, 613 insertions(+), 47 deletions(-)
+ engines/e_padlock.c | 663 ++++++++++++++++++++++++++++++++++++++++++++++++----
+ 1 file changed, 614 insertions(+), 49 deletions(-)
diff --git a/engines/e_padlock.c b/engines/e_padlock.c
-index 6ab42d2..e107d3c 100644
+index 94406cb..5e99114 100644
--- a/engines/e_padlock.c
+++ b/engines/e_padlock.c
@@ -3,6 +3,9 @@
@@ -39,11 +38,11 @@ index 6ab42d2..e107d3c 100644
+ * SHA support by Timo Teras <timo.teras@iki.fi>. Portions based on
+ * code originally written by Michal Ludvig.
+ *
- * Big thanks to Andy Polyakov for a help with optimization,
- * assembler fixes, port to MS Windows and a lot of other
+ * Big thanks to Andy Polyakov for a help with optimization,
+ * assembler fixes, port to MS Windows and a lot of other
* valuable work on this engine!
-@@ -64,7 +67,9 @@
-
+@@ -63,7 +66,9 @@
+ */
#include <stdio.h>
+#include <stdint.h>
@@ -52,96 +51,73 @@ index 6ab42d2..e107d3c 100644
#include <openssl/opensslconf.h>
#include <openssl/crypto.h>
-@@ -74,12 +79,33 @@
+@@ -73,11 +78,32 @@
#ifndef OPENSSL_NO_AES
- #include <openssl/aes.h>
+ # include <openssl/aes.h>
#endif
+#ifndef OPENSSL_NO_SHA
-+#include <openssl/sha.h>
++# include <openssl/sha.h>
+#endif
#include <openssl/rand.h>
#include <openssl/err.h>
#ifndef OPENSSL_NO_HW
- #ifndef OPENSSL_NO_HW_PADLOCK
-
+-# ifndef OPENSSL_NO_HW_PADLOCK
++# ifndef OPENSSL_NO_HW_PADLOCK
++
+/* PadLock RNG is disabled by default */
-+#define PADLOCK_NO_RNG 1
++# define PADLOCK_NO_RNG 1
+
+/* No ASM routines for SHA in MSC yet */
-+#ifdef _MSC_VER
-+#define OPENSSL_NO_SHA
-+#endif
++# ifdef _MSC_VER
++# define OPENSSL_NO_SHA
++# endif
+
+/* 64-bit mode does not need software SHA1 as fallback, we can
+ * do all operations with padlock */
-+#if defined(__x86_64__) || defined(__x86_64)
-+#define PADLOCK_NEED_FALLBACK_SHA 0
-+#else
-+#define PADLOCK_NEED_FALLBACK_SHA 1
-+#endif
-+
-+#define PADLOCK_MAX_FINALIZING_LENGTH 0x1FFFFFFE
++# if defined(__x86_64__) || defined(__x86_64)
++# define PADLOCK_NEED_FALLBACK_SHA 0
++# else
++# define PADLOCK_NEED_FALLBACK_SHA 1
++# endif
+
++# define PADLOCK_MAX_FINALIZING_LENGTH 0x1FFFFFFE
+
/* Attempt to have a single source for both 0.9.7 and 0.9.8 :-) */
- #if (OPENSSL_VERSION_NUMBER >= 0x00908000L)
- # ifndef OPENSSL_NO_DYNAMIC_ENGINE
-@@ -149,58 +175,40 @@ static int padlock_available(void);
+ # if (OPENSSL_VERSION_NUMBER >= 0x00908000L)
+@@ -151,60 +177,42 @@ void ENGINE_load_padlock(void)
+ static int padlock_available(void);
static int padlock_init(ENGINE *e);
++# ifndef PADLOCK_NO_RNG
/* RNG Stuff */
-+#ifndef PADLOCK_NO_RNG
static RAND_METHOD padlock_rand;
-
-/* Cipher Stuff */
--#ifndef OPENSSL_NO_AES
--static int padlock_ciphers(ENGINE *e, const EVP_CIPHER **cipher, const int **nids, int nid);
- #endif
+-# ifndef OPENSSL_NO_AES
+-static int padlock_ciphers(ENGINE *e, const EVP_CIPHER **cipher,
+- const int **nids, int nid);
+ # endif
/* Engine names */
static const char *padlock_id = "padlock";
static char padlock_name[100];
--/* Available features */
--static int padlock_use_ace = 0; /* Advanced Cryptography Engine */
--static int padlock_use_rng = 0; /* Random Number Generator */
--#ifndef OPENSSL_NO_AES
--static int padlock_aes_align_required = 1;
--#endif
+static int padlock_bind_helper(ENGINE *e);
-
--/* ===== Engine "management" functions ===== */
--
--/* Prepare the ENGINE structure for registration */
--static int
--padlock_bind_helper(ENGINE *e)
--{
-- /* Check available features */
-- padlock_available();
--
--#if 1 /* disable RNG for now, see commentary in vicinity of RNG code */
-- padlock_use_rng=0;
--#endif
--
-- /* Generate a nice engine name with available features */
-- BIO_snprintf(padlock_name, sizeof(padlock_name),
-- "VIA PadLock (%s, %s)",
-- padlock_use_rng ? "RNG" : "no-RNG",
-- padlock_use_ace ? "ACE" : "no-ACE");
-+ /* Available features */
++
+ /* Available features */
+-static int padlock_use_ace = 0; /* Advanced Cryptography Engine */
+-static int padlock_use_rng = 0; /* Random Number Generator */
+enum padlock_flags {
-+ PADLOCK_RNG = 0x01,
-+ PADLOCK_ACE = 0x02,
-+ PADLOCK_ACE2 = 0x04,
-+ PADLOCK_PHE = 0x08,
-+ PADLOCK_PMM = 0x10,
-+ PADLOCK_NANO = 0x20,
++ PADLOCK_RNG = 0x01,
++ PADLOCK_ACE = 0x02,
++ PADLOCK_ACE2 = 0x04,
++ PADLOCK_PHE = 0x08,
++ PADLOCK_PMM = 0x10,
++ PADLOCK_NANO = 0x20,
+};
+enum padlock_flags padlock_flags;
-
-- /* Register everything or return with an error */
-- if (!ENGINE_set_id(e, padlock_id) ||
-- !ENGINE_set_name(e, padlock_name) ||
++
+#define PADLOCK_HAVE_RNG (padlock_flags & PADLOCK_RNG)
+#define PADLOCK_HAVE_ACE (padlock_flags & (PADLOCK_ACE|PADLOCK_ACE2))
+#define PADLOCK_HAVE_ACE1 (padlock_flags & PADLOCK_ACE)
@@ -149,57 +125,83 @@ index 6ab42d2..e107d3c 100644
+#define PADLOCK_HAVE_PHE (padlock_flags & PADLOCK_PHE)
+#define PADLOCK_HAVE_PMM (padlock_flags & PADLOCK_PMM)
+#define PADLOCK_HAVE_NANO (padlock_flags & PADLOCK_NANO)
++
+ # ifndef OPENSSL_NO_AES
+ static int padlock_aes_align_required = 1;
+ # endif
-- !ENGINE_set_init_function(e, padlock_init) ||
- #ifndef OPENSSL_NO_AES
-- (padlock_use_ace && !ENGINE_set_ciphers (e, padlock_ciphers)) ||
-+static int padlock_aes_align_required = 1;
- #endif
-- (padlock_use_rng && !ENGINE_set_RAND (e, &padlock_rand))) {
-- return 0;
-- }
+ /* ===== Engine "management" functions ===== */
-- /* Everything looks good */
-- return 1;
+-/* Prepare the ENGINE structure for registration */
+-static int padlock_bind_helper(ENGINE *e)
+-{
+- /* Check available features */
+- padlock_available();
+-
+-# if 1 /* disable RNG for now, see commentary in
+- * vicinity of RNG code */
+- padlock_use_rng = 0;
+-# endif
+-
+- /* Generate a nice engine name with available features */
+- BIO_snprintf(padlock_name, sizeof(padlock_name),
+- "VIA PadLock (%s, %s)",
+- padlock_use_rng ? "RNG" : "no-RNG",
+- padlock_use_ace ? "ACE" : "no-ACE");
+-
+- /* Register everything or return with an error */
+- if (!ENGINE_set_id(e, padlock_id) ||
+- !ENGINE_set_name(e, padlock_name) ||
+- !ENGINE_set_init_function(e, padlock_init) ||
+-# ifndef OPENSSL_NO_AES
+- (padlock_use_ace && !ENGINE_set_ciphers(e, padlock_ciphers)) ||
+-# endif
+- (padlock_use_rng && !ENGINE_set_RAND(e, &padlock_rand))) {
+- return 0;
+- }
+-
+- /* Everything looks good */
+- return 1;
-}
-+/* ===== Engine "management" functions ===== */
-
- #ifdef OPENSSL_NO_DYNAMIC_ENGINE
+-
+ # ifdef OPENSSL_NO_DYNAMIC_ENGINE
-@@ -228,7 +236,7 @@ ENGINE_padlock(void)
- static int
- padlock_init(ENGINE *e)
+ /* Constructor */
+@@ -229,7 +237,7 @@ static ENGINE *ENGINE_padlock(void)
+ /* Check availability of the engine */
+ static int padlock_init(ENGINE *e)
{
-- return (padlock_use_rng || padlock_use_ace);
-+ return padlock_flags;
+- return (padlock_use_rng || padlock_use_ace);
++ return padlock_flags;
}
- /* This stuff is needed if this ENGINE is being compiled into a self-contained
-@@ -381,10 +389,20 @@ padlock_available(void)
- : "+a"(eax), "=d"(edx) : : "ecx");
-
- /* Fill up some flags */
-- padlock_use_ace = ((edx & (0x3<<6)) == (0x3<<6));
-- padlock_use_rng = ((edx & (0x3<<2)) == (0x3<<2));
-+ padlock_flags |= ((edx & (0x3<<3)) ? PADLOCK_RNG : 0);
-+ padlock_flags |= ((edx & (0x3<<7)) ? PADLOCK_ACE : 0);
-+ padlock_flags |= ((edx & (0x3<<9)) ? PADLOCK_ACE2 : 0);
-+ padlock_flags |= ((edx & (0x3<<11)) ? PADLOCK_PHE : 0);
-+ padlock_flags |= ((edx & (0x3<<13)) ? PADLOCK_PMM : 0);
-+
-+ /* Check for VIA Nano CPU */
-+ eax = 0x00000001;
-+ asm volatile ("pushl %%ebx; cpuid; popl %%ebx"
-+ : "+a"(eax) : : "ecx", "edx");
-+ if ((eax | 0x000F) == 0x06FF)
-+ padlock_flags |= PADLOCK_NANO;
+ /*
+@@ -377,10 +385,20 @@ static int padlock_available(void)
+ "=d"(edx)::"ecx");
-- return padlock_use_ace + padlock_use_rng;
-+ return padlock_flags;
+ /* Fill up some flags */
+- padlock_use_ace = ((edx & (0x3 << 6)) == (0x3 << 6));
+- padlock_use_rng = ((edx & (0x3 << 2)) == (0x3 << 2));
+-
+- return padlock_use_ace + padlock_use_rng;
++ padlock_flags |= ((edx & (0x3<<3)) ? PADLOCK_RNG : 0);
++ padlock_flags |= ((edx & (0x3<<7)) ? PADLOCK_ACE : 0);
++ padlock_flags |= ((edx & (0x3<<9)) ? PADLOCK_ACE2 : 0);
++ padlock_flags |= ((edx & (0x3<<11)) ? PADLOCK_PHE : 0);
++ padlock_flags |= ((edx & (0x3<<13)) ? PADLOCK_PMM : 0);
++
++ /* Check for VIA Nano CPU */
++ eax = 0x00000001;
++ asm volatile ("pushl %%ebx; cpuid; popl %%ebx"
++ : "+a"(eax) : : "ecx", "edx");
++ if ((eax | 0x000F) == 0x06FF)
++ padlock_flags |= PADLOCK_NANO;
++
++ return padlock_flags;
}
- /* Force key reload from memory to the CPU microcode.
-@@ -481,10 +499,14 @@ padlock_available(void)
+ /*
+@@ -473,10 +491,14 @@ padlock_available(void)
: "+a"(eax), "=d"(edx) : : "rbx", "rcx");
/* Fill up some flags */
@@ -218,9 +220,9 @@ index 6ab42d2..e107d3c 100644
}
/* Force key reload from memory to the CPU microcode.
-@@ -1273,6 +1295,496 @@ padlock_aes_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out_arg,
+@@ -1293,6 +1315,496 @@ padlock_aes_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out_arg,
- #endif /* OPENSSL_NO_AES */
+ # endif /* OPENSSL_NO_AES */
+#ifndef OPENSSL_NO_SHA
+
@@ -715,10 +717,10 @@ index 6ab42d2..e107d3c 100644
/* ===== Random Number Generator ===== */
/*
* This code is not engaged. The reason is that it does not comply
-@@ -1329,6 +1841,60 @@ static RAND_METHOD padlock_rand = {
- padlock_rand_status, /* rand status */
+@@ -1356,6 +1868,59 @@ static RAND_METHOD padlock_rand = {
+ padlock_rand_bytes, /* pseudorand */
+ padlock_rand_status, /* rand status */
};
-
+#endif /* PADLOCK_NO_RNG */
+
+/* Prepare the ENGINE structure for registration */
@@ -772,10 +774,9 @@ index 6ab42d2..e107d3c 100644
+ /* Everything looks good */
+ return 1;
+}
-+
- #else /* !COMPILE_HW_PADLOCK */
- #ifndef OPENSSL_NO_DYNAMIC_ENGINE
- OPENSSL_EXPORT
+
+ # else /* !COMPILE_HW_PADLOCK */
+ # ifndef OPENSSL_NO_DYNAMIC_ENGINE
--
-1.7.11.3
+2.2.2
diff --git a/main/openssl/0012-crypto-engine-autoload-padlock-dynamic-engine.patch b/main/openssl/0012-crypto-engine-autoload-padlock-dynamic-engine.patch
new file mode 100644
index 000000000..d0cdfb3b3
--- /dev/null
+++ b/main/openssl/0012-crypto-engine-autoload-padlock-dynamic-engine.patch
@@ -0,0 +1,32 @@
+From a358a1267644829144d6ad35116733ceeef46bf1 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Timo=20Ter=C3=A4s?= <timo.teras@iki.fi>
+Date: Thu, 5 Feb 2015 09:43:37 +0200
+Subject: [PATCH] crypto/engine: autoload padlock dynamic engine
+
+---
+ crypto/engine/eng_all.c | 9 +++++++++
+ 1 file changed, 9 insertions(+)
+
+diff --git a/crypto/engine/eng_all.c b/crypto/engine/eng_all.c
+index 195a3a9..bd05e4c 100644
+--- a/crypto/engine/eng_all.c
++++ b/crypto/engine/eng_all.c
+@@ -120,6 +120,15 @@ void ENGINE_load_builtin_engines(void)
+ ENGINE_load_capi();
+ # endif
+ #endif
++#ifdef OPENSSL_NO_STATIC_ENGINE
++ {
++ ENGINE *e = ENGINE_by_id("padlock");
++ if (e != NULL) {
++ ENGINE_add(e);
++ ENGINE_free(e);
++ }
++ }
++#endif
+ ENGINE_register_all_complete();
+ }
+
+--
+2.2.2
+
diff --git a/main/openssl/APKBUILD b/main/openssl/APKBUILD
index 46ab448c4..030eefa9d 100644
--- a/main/openssl/APKBUILD
+++ b/main/openssl/APKBUILD
@@ -1,6 +1,6 @@
# Maintainer: Timo Teras <timo.teras@iki.fi>
pkgname=openssl
-pkgver=1.0.1k
+pkgver=1.0.1m
pkgrel=0
pkgdesc="Toolkit for SSL v2/v3 and TLS v1"
url="http://openssl.org"
@@ -15,19 +15,18 @@ license="openssl"
subpackages="$pkgname-dev $pkgname-doc libcrypto1.0:libcrypto libssl1.0:libssl"
source="http://www.openssl.org/source/${pkgname}-${pkgver}.tar.gz
- fix-manpages.patch
- openssl-bb-basename.patch
- 0001-crypto-hmac-support-EVP_MD_CTX_FLAG_ONESHOT-and-set-.patch
- 0002-engines-e_padlock-backport-cvs-head-changes.patch
- 0003-engines-e_padlock-implement-sha1-sha224-sha256-accel.patch
- 0004-crypto-engine-autoload-padlock-dynamic-engine.patch
- 0005-s_client-ircv3-starttls.patch
- openssl-1.0.1-version-eglibc.patch
- openssl-use-termios.patch
- fix-default-apps-capath.patch
- c_rehash.c
- openssl-1.0.1-parallel-build.patch
- abi-compat-no-freelists.patch
+ 0001-fix-manpages.patch
+ 0002-busybox-basename.patch
+ 0003-use-termios.patch
+ 0004-fix-default-ca-path-for-apps.patch
+ 0005-fix-parallel-build.patch
+ 0006-add-ircv3-tls-3.1-extension-support-to-s_client.patch
+ 0007-reimplement-c_rehash-in-C.patch
+ 0008-maintain-abi-compat-with-no-freelist-and-regular-bui.patch
+ 0009-crypto-hmac-support-EVP_MD_CTX_FLAG_ONESHOT-and-set-.patch
+ 0010-backport-changes-from-upstream-padlock-module.patch
+ 0011-engines-e_padlock-implement-sha1-sha224-sha256-accel.patch
+ 0012-crypto-engine-autoload-padlock-dynamic-engine.patch
"
_builddir="$srcdir"/$pkgname-$pkgver
@@ -36,27 +35,15 @@ prepare() {
cd "$_builddir"
for patch in $source; do
case $patch in
- # we concider patches with uclibc in its name
- # only usefull on uclibc install
- *uclibc*.patch)
- if [ "$ALPINE_LIBC" != "eglibc" ]; then
- msg "Applying patch $patch"
- patch -p1 -i "$srcdir"/$patch || return 1
- fi
- ;;
- # same applied to eglibc
- *eglibc*.patch)
- if [ "$ALPINE_LIBC" = "eglibc" ]; then
- msg "Applying patch $patch"
- patch -p1 -i "$srcdir"/$patch || return 1
- fi
- ;;
*.patch)
msg "Applying patch $patch"
patch -p1 -i "$srcdir"/$patch || return 1
;;
esac
done
+
+ # force generate apps, due to c_rehash patch
+ rm -rf "$_builddir"/apps/progs.h
}
build() {
@@ -90,15 +77,15 @@ build() {
|| return 1
make && make build-shared || return 1
-
- # replace the c_rehash perl script with our C-version
- $CC $CFLAGS -I include -L . "$srcdir"/c_rehash.c -o tools/c_rehash -lcrypto || return 1
}
package() {
cd "$_builddir"
make INSTALL_PREFIX="$pkgdir" MANDIR=/usr/share/man install || return 1
+ # c_rehash compat link
+ ln -sf openssl "$pkgdir"/usr/bin/c_rehash
+
# rename man pages that conflict with man-pages
local m
for m in rand.3 err.3 threads.3 passwd.1; do
@@ -129,45 +116,42 @@ libssl() {
done
}
-md5sums="d4f002bd22a56881340105028842ae1f openssl-1.0.1k.tar.gz
-f75151bfdd0e1f5191e0d0e7147e1638 fix-manpages.patch
-c6a9857a5dbd30cead0404aa7dd73977 openssl-bb-basename.patch
-ddb5fc155145d5b852425adaec32234d 0001-crypto-hmac-support-EVP_MD_CTX_FLAG_ONESHOT-and-set-.patch
-a7717dd564ef876d4923a80751714d63 0002-engines-e_padlock-backport-cvs-head-changes.patch
-cef4633142031b59960200e87ce3bb18 0003-engines-e_padlock-implement-sha1-sha224-sha256-accel.patch
-c32f42451a07267ee5dfb3781fa40c00 0004-crypto-engine-autoload-padlock-dynamic-engine.patch
-c5b1042a3acaf3591f3f5620b7086e12 0005-s_client-ircv3-starttls.patch
-d1f3aaad7c36590f21355682983cd14e openssl-1.0.1-version-eglibc.patch
-2681796363085d01db8a81c249cd2d7b openssl-use-termios.patch
-efec1bce615256961b1756e575ee1d0a fix-default-apps-capath.patch
-05ad806219cef6fa5692ac727af7fab6 c_rehash.c
-60ca340e32944e4825747e3681ccd553 openssl-1.0.1-parallel-build.patch
-b7f2421187ae2b4c7e424cda2022d41d abi-compat-no-freelists.patch"
-sha256sums="8f9faeaebad088e772f4ef5e38252d472be4d878c6b3a2718c10a4fcebe7a41c openssl-1.0.1k.tar.gz
-92296c9e121af10ecc1e302695bf2ceacaa9b00702e580504fc0ed04a9fba86e fix-manpages.patch
-82863c2fed659a7186c7f3905a1853b8bd8060350ad101ce159fa7e7d2ba27e8 openssl-bb-basename.patch
-18dd81fefb39b3328a444774ed10871ed50348ca171d2da9f826f916127b2dae 0001-crypto-hmac-support-EVP_MD_CTX_FLAG_ONESHOT-and-set-.patch
-30fbadf31dc13d9bcc758741f5560f6e13dd66c067f62d1b9066fb656f6aaaf2 0002-engines-e_padlock-backport-cvs-head-changes.patch
-cbb2493ec9157e78035e9cc02be17655996ee9cd0a71b79507fc19f3862f452b 0003-engines-e_padlock-implement-sha1-sha224-sha256-accel.patch
-157ec6d17add25b96956abc7c44259c91eebe8a6c1026cdb976b895bf42ec56f 0004-crypto-engine-autoload-padlock-dynamic-engine.patch
-44b553d92e33c48f854a8e15b23830375bc400e987505c74956ac196266f0d46 0005-s_client-ircv3-starttls.patch
-51146851d8454dcb73138f794ced8bd629658b4a0524c466f61b653fff536c93 openssl-1.0.1-version-eglibc.patch
-05266a671143cf17367dee8d409ad6d0857201392c99731d7ebb8f8cdcdc32f7 openssl-use-termios.patch
-1e11d6b8cdcdd6957c69d33ab670c5918fc96c12fdb9b76b4287cb8f69c3545d fix-default-apps-capath.patch
-7b0947fd09ad1e8d9cea360b883090025b40193d0fc8a631f2e3bb42db28d76b c_rehash.c
-bd56e5fe1b6fe594ab93f34d25fef0b7372633bad8532f81da998f3e6655d221 openssl-1.0.1-parallel-build.patch
-41c7c1e5bea7f7e0ccc59203a48f097948627d72fcf87f943fcfe8c14b4069a2 abi-compat-no-freelists.patch"
-sha512sums="8b000fbd1bf919d9913a314f99aedd48a69f6caa4ccf43237889e73e08cbe0d82bfc27e9c7c4cade09fc459f91d6c4a831a9b3fc8bca0344fb864eadd7d1e8e8 openssl-1.0.1k.tar.gz
-b0eda7e9b53195b0855da68617201c3c7026eb7464ab58f0bc9923013663ec6b826d1868fe88b87118d3134114cbd9ac15d2c8389c85ef9c1bb4d18575b68a5b fix-manpages.patch
-6c4f4b0c1b606b3e5a8175618c4398923392f9c25ad8d3f5b65b0424fe51e104c4f456d2da590d9f572382225ab320278e88db1585790092450cad60a02819a5 openssl-bb-basename.patch
-ea282b09d4692a29e5a554e19b0798fa921717d4892decc68cba92cad11e85e4064d8ac78d98f6fa8bb45c65fdd1a5d1a6f6755e53102d520e9d8b807c3a7822 0001-crypto-hmac-support-EVP_MD_CTX_FLAG_ONESHOT-and-set-.patch
-c86694b1931ef16eb467f5228a7ea2c36c90570daedb405bb24e7915b2e29f9ba20386cdef0ebea6af23ca04839d713bd05f0c8f3b7f6377331a6ab96c505f44 0002-engines-e_padlock-backport-cvs-head-changes.patch
-b019320869d215014ad46e0b29aa239e31243571c4d45256b3ce6449a67fdc106a381c1cf3abd55ddbfd6a0e9ffa3e3167377317cbc72b254b1f9bcc0e22b8b6 0003-engines-e_padlock-implement-sha1-sha224-sha256-accel.patch
-3bedc326ca3e5945bc4ec4dccfe596042ee87aaeaf90b5063110a99cc8e38584838d68289907e4a3fcdb8e04635052ad0759c94e1d7070bb317c2066e2506bbe 0004-crypto-engine-autoload-padlock-dynamic-engine.patch
-70cd257bbd5a86685dc2508399e67746b60ed5d581eb84fe4d4fc6af214f31b71e2a58ad758d572976a61f67bf64c37a935a9788db160f75bced75397b9bcce3 0005-s_client-ircv3-starttls.patch
-6db9d9ee62048d27f80e392eda99a46712ee85f1c8fd49f4931be73c880da8b84844a72657f7bceddb7db0026daddd31870d9c5065494f8d359ee8560284fd4a openssl-1.0.1-version-eglibc.patch
-22261ad902ad4826db889fa0e6196b57d6cb389c1707f5827ba48a4630097e590979257f16f4a36fe611199fa33ba32d5f412c8b93beb84001865c2501b288da openssl-use-termios.patch
-f2e737146a473d55b99f27457718ca299a02a0c74009026a30c3d1347c575bc264962b5708995e02ef7d68521b8366ccea7320523efb87b1ab2632d73fec5658 fix-default-apps-capath.patch
-17b5ecda9c51a4a6b7a2b5fea65abc90091ae9c8d43527546148769d8fcfd87450075830b874fcff21b9ad0c31366213b4bfb8665e09cbd2559a8f3688b9aebd c_rehash.c
-7255b3315133e415631b2ecadc8f5c50a705b9db507c46efded0190363ce9eb31ffbfe01c500669c060878e5202f858b1d2475c64948426fbf70820b4c798ba1 openssl-1.0.1-parallel-build.patch
-38156d183ebf80de0a39c046b1dddaf99ae64286214f3ee9de51d28212933b5f16c23908aef0aa3d71188306b064969b99da2a0a75693b6bba1bc32884c78b31 abi-compat-no-freelists.patch"
+md5sums="d143d1555d842a069cb7cc34ba745a06 openssl-1.0.1m.tar.gz
+d0e8c6e64fef345fed08010915e12c73 0001-fix-manpages.patch
+67bdfe450143a41042d2c318003e963a 0002-busybox-basename.patch
+84c03f201f55ca7fbfde364cfdfc9cf4 0003-use-termios.patch
+451efb6471e55a57064b73bfe6edddee 0004-fix-default-ca-path-for-apps.patch
+99753d86ab1334ac61415d6152168e91 0005-fix-parallel-build.patch
+5a5753f52b9f54f769f1ad915d0119bd 0006-add-ircv3-tls-3.1-extension-support-to-s_client.patch
+106b2c7590d49a28c782cf3f5d623543 0007-reimplement-c_rehash-in-C.patch
+7a2f9c883ecdfca3087062df4a68150a 0008-maintain-abi-compat-with-no-freelist-and-regular-bui.patch
+25091afb907de2b504f8bad6bf70002c 0009-crypto-hmac-support-EVP_MD_CTX_FLAG_ONESHOT-and-set-.patch
+aa16c89b283faf0fe546e3f897279c44 0010-backport-changes-from-upstream-padlock-module.patch
+57cca845e22c178c3b317010be56edf0 0011-engines-e_padlock-implement-sha1-sha224-sha256-accel.patch
+2ac874d1249f5f68d8c7cd58d157d29a 0012-crypto-engine-autoload-padlock-dynamic-engine.patch"
+sha256sums="095f0b7b09116c0c5526422088058dc7e6e000aa14d22acca6a4e2babcdfef74 openssl-1.0.1m.tar.gz
+75ce7e499e12f65db12181282198ab8172bd63265d6ec469b58680d74f8438c7 0001-fix-manpages.patch
+b449fb998b5f60a3a1779ac2f432b2c7f08ae52fc6dfa98bca37d735f863d400 0002-busybox-basename.patch
+c3e6a9710726dac72e3eeffd78961d3bae67a480f6bde7890e066547da25cdfd 0003-use-termios.patch
+d438a36b2b0adf342ebef4b5e9793bcdae3b3027061100f660749c322acbe93d 0004-fix-default-ca-path-for-apps.patch
+722079e4c758b51c955d4e31befbd0b1f77193db91f8a6505e7a431626ce3218 0005-fix-parallel-build.patch
+9baecc8024bd5004ef045c6c53537f7453029c1e273874ce639834145564ca6d 0006-add-ircv3-tls-3.1-extension-support-to-s_client.patch
+c934b5d1a2cb58b5235da2dfee423f0f66bb83e1d479f511b444751899637c37 0007-reimplement-c_rehash-in-C.patch
+1030f885dc76f352854a7a95d73e68cfd1479c5f9ee198d6afef6b0755ee1c81 0008-maintain-abi-compat-with-no-freelist-and-regular-bui.patch
+2eddcb7ab342285cb637ce6b6be143cca835f449f35dd9bb8c7b9167ba2117a7 0009-crypto-hmac-support-EVP_MD_CTX_FLAG_ONESHOT-and-set-.patch
+aee88a24622ce9d71e38deeb874e58435dcf8ff5690f56194f0e4a00fb09b260 0010-backport-changes-from-upstream-padlock-module.patch
+c10b8aaf56a4f4f79ca195fc587e0bb533f643e777d7a3e6fb0350399a6060ea 0011-engines-e_padlock-implement-sha1-sha224-sha256-accel.patch
+2f7c850af078a3ae71b2dd38d5d0b3964ea4262e52673e36ff33498cc6223e6c 0012-crypto-engine-autoload-padlock-dynamic-engine.patch"
+sha512sums="f37b60cb4449674d5c06a4056acc3d11f1c9773da6111148fa3fbf8d14362ba1ff5eb5e0c0e06c2b5c84543b2b974584617e393ca83de2230cbbe69b52975afc openssl-1.0.1m.tar.gz
+04baa895f0f8f893c3109e7eb03e019e6e6217b1c2a69dcee70f48907d63d83079e61ee54d21f1282c699d2fc8c7201905fda8dfc26f61f70a59d20892098cfb 0001-fix-manpages.patch
+2244f46cb18e6b98f075051dd2446c47f7590abccd108fbab707f168a20cad8d32220d704635973f09e3b2879f523be5160f1ffbc12ab3900f8a8891dc855c5c 0002-busybox-basename.patch
+58e42058a0c8086c49d681b1e226da39a8cf8cb88c51cf739dec2ff12e1bb5d7208ac5033264b186d58e9bdfe992fe9ddb95701d01caf1824396b2cefe30c0a4 0003-use-termios.patch
+82340da695de51a8df9e76289ea1cbb9b3ad2f10d3b793b0d2155ddfce573d497ed1e35e68fdfea8e3b6c1007908698e1a5354041f9567175f2d480920d86f63 0004-fix-default-ca-path-for-apps.patch
+c8a393db2fef476f8c1fb7618e9231166f0a00fbdf3538f3eb0cf4095e751fbb671ce03a6dcab71461f936e2012332f5c0ec97c4163aa1dd2b9554b84995b2e3 0005-fix-parallel-build.patch
+820d4ce1c222696fe3f1dd0d11815c06262ec230fdb174532fd507286667a0aefbf858ea5edac4245a54b950cd0556545ecd0c5cf494692a2ba131c667e7bcd5 0006-add-ircv3-tls-3.1-extension-support-to-s_client.patch
+fc4e383ec85c6543e4e82520904122a5a5601c68042ece1e95a0cae95e02d89174f06f78ba2f8aacae8df16052df6ec628b568519a41706428a3fa07984cc8e3 0007-reimplement-c_rehash-in-C.patch
+17ad683bb91a3a3c5bcc456c8aed7f0b42414c6de06ebafa4753af93c42d9827c9978a43d4d53d741a45df7f7895c6f6163172af57cc7b391cfd15f45ce6c351 0008-maintain-abi-compat-with-no-freelist-and-regular-bui.patch
+8c181760d7a149aa18d246d50f1c0438ffb63c98677b05306dfc00400ad0429b47d31e7c8d85126005c67f743d23e7a8a81174ffe98556f4caf9cf6b04d9ff17 0009-crypto-hmac-support-EVP_MD_CTX_FLAG_ONESHOT-and-set-.patch
+a3555440b5f544bfd6b9ad97557d8f4c1d673f6a35219f65056a72035d186be5f354717ddf9784899b602464d48657b090ade24379552d43af97609c0f48c389 0010-backport-changes-from-upstream-padlock-module.patch
+6353c7a94016c20db5d683dde37775f6780952ecdb1a5f39f878d04ba37f6ad79ae10fb6d65d181d912505a5d1e22463004cd855d548b364c00b120da2b0fdbc 0011-engines-e_padlock-implement-sha1-sha224-sha256-accel.patch
+b72436eb8d4dac42d8da76a51d46cfc03e92e162f692a7a1761201221b9c6d66b738c08270b2260f02ce47b42043538474df73a7185dd4a809dd3b14cc8af7c3 0012-crypto-engine-autoload-padlock-dynamic-engine.patch"
diff --git a/main/openssl/abi-compat-no-freelists.patch b/main/openssl/abi-compat-no-freelists.patch
deleted file mode 100644
index 0ead14c0e..000000000
--- a/main/openssl/abi-compat-no-freelists.patch
+++ /dev/null
@@ -1,13 +0,0 @@
---- openssl-1.0.1g.orig/ssl/ssl.h
-+++ openssl-1.0.1g/ssl/ssl.h
-@@ -959,6 +959,10 @@
- unsigned int freelist_max_len;
- struct ssl3_buf_freelist_st *wbuf_freelist;
- struct ssl3_buf_freelist_st *rbuf_freelist;
-+#else
-+ unsigned int freelist_dummy0;
-+ void *freelist_dummy1;
-+ void *freelist_dummy2;
- #endif
- #ifndef OPENSSL_NO_SRP
- SRP_CTX srp_ctx; /* ctx for SRP authentication */
diff --git a/main/openssl/c_rehash.c b/main/openssl/c_rehash.c
deleted file mode 100644
index a669529d2..000000000
--- a/main/openssl/c_rehash.c
+++ /dev/null
@@ -1,236 +0,0 @@
-/* c_rehash.c - C implementation based on the Perl and shell versions
- *
- * Copyright (c) 2013 Timo Teräs <timo.teras@iki.fi>
- * All rights reserved.
- *
- * This software is licensed under the MIT License.
- * Full license available at: http://opensource.org/licenses/MIT
- */
-
-#define _POSIX_C_SOURCE 200809L
-#define _GNU_SOURCE
-#include <ctype.h>
-#include <stdio.h>
-#include <fcntl.h>
-#include <string.h>
-#include <unistd.h>
-#include <dirent.h>
-#include <fnmatch.h>
-#include <sys/stat.h>
-
-#include <openssl/evp.h>
-#include <openssl/pem.h>
-#include <openssl/x509.h>
-
-#define countof(x) (sizeof(x) / sizeof(x[0]))
-
-struct hash_info {
- struct hash_info *next;
- int type;
- unsigned long hash;
- unsigned char digest[EVP_MAX_MD_SIZE];
-};
-
-enum Type {
- TYPE_CERT = 0,
- TYPE_CRL,
- MAX_TYPES,
-};
-
-static const EVP_MD *evpmd;
-static int evpmdsize;
-static const char *prefixes[MAX_TYPES] = { "", "r" };
-static struct hash_info *hash_table[257];
-
-static int get_link_id(int type, unsigned long hash, unsigned char *digest)
-{
- unsigned int bucket = hash % countof(hash_table);
- struct hash_info *hi;
- int count = 0;
-
- for (hi = hash_table[bucket]; hi; hi = hi->next) {
- if (hi->type != type || hi->hash != hash)
- continue;
- if (memcmp(digest, hi->digest, evpmdsize) == 0)
- return -1;
- count++;
- }
-
- hi = malloc(sizeof(*hi));
- hi->next = hash_table[bucket];
- hi->type = type;
- hi->hash = hash;
- memcpy(hi->digest, digest, evpmdsize);
- hash_table[bucket] = hi;
-
- return count;
-}
-
-static int link_file(int dirfd, const char *filename, int type, unsigned long hash, unsigned char *digest)
-{
- char linkfn[32];
- int id;
-
- id = get_link_id(type, hash, digest);
- if (id < 0) {
- fprintf(stderr, "WARNING: Skipping duplicate certificate in file %s\n",
- filename);
- return -1;
- }
-
- snprintf(linkfn, sizeof(linkfn),
- "%08lx.%s%d", hash, prefixes[type], id);
- fprintf(stdout, "%s => %s\n", linkfn, filename);
- if (symlinkat(filename, dirfd, linkfn) < 0)
- perror(linkfn);
-
- return 0;
-}
-
-static BIO *BIO_openat(int dirfd, const char *filename)
-{
- FILE *fp;
- BIO *bio;
- int fd;
-
- fd = openat(dirfd, filename, O_RDONLY);
- if (fd < 0) {
- perror(filename);
- return NULL;
- }
- fp = fdopen(fd, "r");
- if (fp == NULL) {
- close(fd);
- return NULL;
- }
- bio = BIO_new_fp(fp, BIO_CLOSE);
- if (!bio) {
- fclose(fp);
- return NULL;
- }
- return bio;
-}
-
-static int hash_file(int dirfd, const char *filename)
-{
- STACK_OF(X509_INFO) *inf;
- X509_INFO *x;
- BIO *b;
- int i, count = 0;
- unsigned char digest[EVP_MAX_MD_SIZE];
-
- b = BIO_openat(dirfd, filename);
- if (!b)
- return -1;
-
- inf = PEM_X509_INFO_read_bio(b, NULL, NULL, NULL);
- BIO_free(b);
- if (!inf)
- return -1;
-
- for(i = 0; i < sk_X509_INFO_num(inf); i++) {
- x = sk_X509_INFO_value(inf, i);
- if (x->x509) {
- X509_digest(x->x509, evpmd, digest, NULL);
- link_file(dirfd, filename, TYPE_CERT,
- X509_subject_name_hash(x->x509), digest);
- count++;
- }
- if (x->crl) {
- X509_CRL_digest(x->crl, evpmd, digest, NULL);
- link_file(dirfd, filename, TYPE_CRL,
- X509_NAME_hash(X509_CRL_get_issuer(x->crl)),
- digest);
- count++;
- }
- }
- sk_X509_INFO_pop_free(inf, X509_INFO_free);
-
- if (count == 0) {
- fprintf(stderr,
- "WARNING: %s does not contain a certificate or CRL: skipping\n",
- filename);
- }
-
- return count;
-}
-
-static int is_hash_filename(const char *fn)
-{
- int i;
-
- for (i = 0; i < 8; i++)
- if (!isxdigit(fn[i]))
- return 0;
- if (fn[i++] != '.')
- return 0;
- if (fn[i] == 'r') i++;
- for (; fn[i] != 0; i++)
- if (!isdigit(fn[i]))
- return 0;
- return 1;
-}
-
-static int hash_dir(const char *dirname)
-{
- struct dirent *de;
- struct stat st;
- int dirfd;
- DIR *d;
-
- fprintf(stdout, "Doing %s\n", dirname);
- dirfd = open(dirname, O_RDONLY | O_DIRECTORY);
- if (dirfd < 0) {
- perror(dirname);
- return -1;
- }
- d = opendir(dirname);
- if (!d) {
- close(dirfd);
- return -1;
- }
- while ((de = readdir(d)) != NULL) {
- if (fstatat(dirfd, de->d_name, &st, AT_SYMLINK_NOFOLLOW) < 0)
- continue;
- if (!S_ISLNK(st.st_mode))
- continue;
- if (!is_hash_filename(de->d_name))
- continue;
-
- if (unlinkat(dirfd, de->d_name, 0) < 0)
- perror(de->d_name);
- }
-
- rewinddir(d);
- while ((de = readdir(d)) != NULL) {
- if (fnmatch("*.pem", de->d_name, FNM_NOESCAPE) == 0)
- hash_file(dirfd, de->d_name);
- }
- closedir(d);
-
- return 0;
-}
-
-int main(int argc, char **argv)
-{
- const char *env;
- int i;
-
- evpmd = EVP_sha1();
- evpmdsize = EVP_MD_size(evpmd);
-
- if (argc > 1) {
- for (i = 1; i < argc; i++)
- hash_dir(argv[i]);
- } else if ((env = getenv("SSL_CERT_DIR")) != NULL) {
- char *e, *m;
- m = strdup(env);
- for (e = strtok(m, ":"); e != NULL; e = strtok(NULL, ":"))
- hash_dir(e);
- free(m);
- } else {
- hash_dir("/etc/ssl/certs");
- }
-
- return 0;
-}
diff --git a/main/openssl/fix-default-apps-capath.patch b/main/openssl/fix-default-apps-capath.patch
deleted file mode 100644
index 4c48f2661..000000000
--- a/main/openssl/fix-default-apps-capath.patch
+++ /dev/null
@@ -1,102 +0,0 @@
-http://rt.openssl.org/Ticket/Display.html?id=2936&user=guest&pass=guest
-
-diff -up openssl-1.0.1c/apps/s_client.c.default-paths openssl-1.0.1c/apps/s_client.c
---- openssl-1.0.1c/apps/s_client.c.default-paths 2012-03-18 19:16:05.000000000 +0100
-+++ openssl-1.0.1c/apps/s_client.c 2012-12-06 18:24:06.425933203 +0100
-@@ -1166,12 +1166,19 @@ bad:
- if (!set_cert_key_stuff(ctx,cert,key))
- goto end;
-
-- if ((!SSL_CTX_load_verify_locations(ctx,CAfile,CApath)) ||
-- (!SSL_CTX_set_default_verify_paths(ctx)))
-+ if (CAfile == NULL && CApath == NULL)
- {
-- /* BIO_printf(bio_err,"error setting default verify locations\n"); */
-- ERR_print_errors(bio_err);
-- /* goto end; */
-+ if (!SSL_CTX_set_default_verify_paths(ctx))
-+ {
-+ ERR_print_errors(bio_err);
-+ }
-+ }
-+ else
-+ {
-+ if (!SSL_CTX_load_verify_locations(ctx,CAfile,CApath))
-+ {
-+ ERR_print_errors(bio_err);
-+ }
- }
-
- #ifndef OPENSSL_NO_TLSEXT
-diff -up openssl-1.0.1c/apps/s_server.c.default-paths openssl-1.0.1c/apps/s_server.c
---- openssl-1.0.1c/apps/s_server.c.default-paths 2012-03-18 19:16:05.000000000 +0100
-+++ openssl-1.0.1c/apps/s_server.c 2012-12-06 18:25:11.199329611 +0100
-@@ -1565,13 +1565,21 @@ bad:
- }
- #endif
-
-- if ((!SSL_CTX_load_verify_locations(ctx,CAfile,CApath)) ||
-- (!SSL_CTX_set_default_verify_paths(ctx)))
-+ if (CAfile == NULL && CApath == NULL)
- {
-- /* BIO_printf(bio_err,"X509_load_verify_locations\n"); */
-- ERR_print_errors(bio_err);
-- /* goto end; */
-+ if (!SSL_CTX_set_default_verify_paths(ctx))
-+ {
-+ ERR_print_errors(bio_err);
-+ }
-+ }
-+ else
-+ {
-+ if (!SSL_CTX_load_verify_locations(ctx,CAfile,CApath))
-+ {
-+ ERR_print_errors(bio_err);
-+ }
- }
-+
- if (vpm)
- SSL_CTX_set1_param(ctx, vpm);
-
-@@ -1622,8 +1630,11 @@ bad:
- else
- SSL_CTX_sess_set_cache_size(ctx2,128);
-
-- if ((!SSL_CTX_load_verify_locations(ctx2,CAfile,CApath)) ||
-- (!SSL_CTX_set_default_verify_paths(ctx2)))
-+ if (!SSL_CTX_load_verify_locations(ctx2,CAfile,CApath))
-+ {
-+ ERR_print_errors(bio_err);
-+ }
-+ if (!SSL_CTX_set_default_verify_paths(ctx2))
- {
- ERR_print_errors(bio_err);
- }
-diff -up openssl-1.0.1c/apps/s_time.c.default-paths openssl-1.0.1c/apps/s_time.c
---- openssl-1.0.1c/apps/s_time.c.default-paths 2006-04-17 14:22:13.000000000 +0200
-+++ openssl-1.0.1c/apps/s_time.c 2012-12-06 18:27:41.694574044 +0100
-@@ -373,12 +373,19 @@ int MAIN(int argc, char **argv)
-
- SSL_load_error_strings();
-
-- if ((!SSL_CTX_load_verify_locations(tm_ctx,CAfile,CApath)) ||
-- (!SSL_CTX_set_default_verify_paths(tm_ctx)))
-+ if (CAfile == NULL && CApath == NULL)
- {
-- /* BIO_printf(bio_err,"error setting default verify locations\n"); */
-- ERR_print_errors(bio_err);
-- /* goto end; */
-+ if (!SSL_CTX_set_default_verify_paths(tm_ctx))
-+ {
-+ ERR_print_errors(bio_err);
-+ }
-+ }
-+ else
-+ {
-+ if (!SSL_CTX_load_verify_locations(tm_ctx,CAfile,CApath))
-+ {
-+ ERR_print_errors(bio_err);
-+ }
- }
-
- if (tm_cipher == NULL)
diff --git a/main/openssl/openssl-1.0.1-version-eglibc.patch b/main/openssl/openssl-1.0.1-version-eglibc.patch
deleted file mode 100644
index eb5bb2ed5..000000000
--- a/main/openssl/openssl-1.0.1-version-eglibc.patch
+++ /dev/null
@@ -1,55 +0,0 @@
-diff -up openssl-1.0.1/crypto/cversion.c.version openssl-1.0.1/crypto/cversion.c
---- openssl-1.0.1/crypto/cversion.c.version 2004-04-19 20:09:22.000000000 +0200
-+++ openssl-1.0.1/crypto/cversion.c 2012-03-14 20:58:20.630352536 +0100
-@@ -110,8 +110,15 @@ const char *SSLeay_version(int t)
- return("not available");
- }
-
--unsigned long SSLeay(void)
-+unsigned long _original_SSLeay(void)
-+ {
-+ return(0x10000003);
-+ }
-+
-+unsigned long _current_SSLeay(void)
- {
- return(SSLEAY_VERSION_NUMBER);
- }
-
-+__asm__(".symver _original_SSLeay,SSLeay@");
-+__asm__(".symver _current_SSLeay,SSLeay@@OPENSSL_1.0.1");
-diff -up openssl-1.0.1/crypto/opensslv.h.version openssl-1.0.1/crypto/opensslv.h
---- openssl-1.0.1/crypto/opensslv.h.version 2012-03-14 20:58:19.914337879 +0100
-+++ openssl-1.0.1/crypto/opensslv.h 2012-03-14 20:58:20.630352536 +0100
-@@ -83,7 +83,7 @@
- * should only keep the versions that are binary compatible with the current.
- */
- #define SHLIB_VERSION_HISTORY ""
--#define SHLIB_VERSION_NUMBER "1.0.0"
-+#define SHLIB_VERSION_NUMBER "1.0.1d"
-
-
- #endif /* HEADER_OPENSSLV_H */
-diff -up openssl-1.0.1/Makefile.shared.version openssl-1.0.1/Makefile.shared
---- openssl-1.0.1/Makefile.shared.version 2012-03-14 20:58:20.553350959 +0100
-+++ openssl-1.0.1/Makefile.shared 2012-03-14 20:58:20.631352556 +0100
-@@ -151,7 +151,7 @@ DO_GNU_SO=$(CALC_VERSIONS); \
- SHLIB_SUFFIX=; \
- ALLSYMSFLAGS='-Wl,--whole-archive'; \
- NOALLSYMSFLAGS='-Wl,--no-whole-archive'; \
-- SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared -Wl,-Bsymbolic -Wl,-soname=$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX"
-+ SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared -Wl,-Bsymbolic -Wl,--default-symver,--version-script=version.map -Wl,-soname=$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX"
-
- DO_GNU_APP=LDFLAGS="$(CFLAGS)"
-
-diff -up openssl-1.0.1/version.map.version openssl-1.0.1/version.map
---- openssl-1.0.1/version.map.version 2012-03-14 20:58:20.631352556 +0100
-+++ openssl-1.0.1/version.map 2012-03-14 20:58:20.631352556 +0100
-@@ -0,0 +1,7 @@
-+OPENSSL_1.0.1 {
-+ global:
-+ SSLeay;
-+ local:
-+ _original*;
-+ _current*;
-+};
diff --git a/main/openssl/openssl-use-termios.patch b/main/openssl/openssl-use-termios.patch
deleted file mode 100644
index 7fde174eb..000000000
--- a/main/openssl/openssl-use-termios.patch
+++ /dev/null
@@ -1,12 +0,0 @@
---- a/crypto/ui/ui_openssl.c Fri Sep 21 09:57:09 2012
-+++ b/crypto/ui/ui_openssl.c Fri Sep 21 09:57:30 2012
-@@ -212,6 +212,9 @@
- #undef SGTTY
- #endif
-
-+#define TERMIOS
-+#undef TERMIO
-+
- #ifdef TERMIOS
- # include <termios.h>
- # define TTY_STRUCT struct termios
diff --git a/main/openssl/version-script-eglibc.patch b/main/openssl/version-script-eglibc.patch
deleted file mode 100644
index 48a74213a..000000000
--- a/main/openssl/version-script-eglibc.patch
+++ /dev/null
@@ -1,4664 +0,0 @@
-Index: openssl-1.0.1/Configure
-===================================================================
---- openssl-1.0.1.orig/Configure 2012-03-17 11:25:15.000000000 +0000
-+++ openssl-1.0.1/Configure 2012-03-17 11:48:15.000000000 +0000
-@@ -1616,6 +1616,8 @@
- }
- }
-
-+$shared_ldflag .= " -Wl,--version-script=openssl.ld";
-+
- open(IN,'<Makefile.org') || die "unable to read Makefile.org:$!\n";
- unlink("$Makefile.new") || die "unable to remove old $Makefile.new:$!\n" if -e "$Makefile.new";
- open(OUT,">$Makefile.new") || die "unable to create $Makefile.new:$!\n";
-Index: openssl-1.0.1/openssl.ld
-===================================================================
---- /dev/null 1970-01-01 00:00:00.000000000 +0000
-+++ openssl-1.0.1/openssl.ld 2012-03-17 11:46:37.000000000 +0000
-@@ -0,0 +1,4615 @@
-+OPENSSL_1.0.0 {
-+ global:
-+ BIO_f_ssl;
-+ BIO_new_buffer_ssl_connect;
-+ BIO_new_ssl;
-+ BIO_new_ssl_connect;
-+ BIO_proxy_ssl_copy_session_id;
-+ BIO_ssl_copy_session_id;
-+ BIO_ssl_shutdown;
-+ d2i_SSL_SESSION;
-+ DTLSv1_client_method;
-+ DTLSv1_method;
-+ DTLSv1_server_method;
-+ ERR_load_SSL_strings;
-+ i2d_SSL_SESSION;
-+ kssl_build_principal_2;
-+ kssl_cget_tkt;
-+ kssl_check_authent;
-+ kssl_ctx_free;
-+ kssl_ctx_new;
-+ kssl_ctx_setkey;
-+ kssl_ctx_setprinc;
-+ kssl_ctx_setstring;
-+ kssl_ctx_show;
-+ kssl_err_set;
-+ kssl_krb5_free_data_contents;
-+ kssl_sget_tkt;
-+ kssl_skip_confound;
-+ kssl_validate_times;
-+ PEM_read_bio_SSL_SESSION;
-+ PEM_read_SSL_SESSION;
-+ PEM_write_bio_SSL_SESSION;
-+ PEM_write_SSL_SESSION;
-+ SSL_accept;
-+ SSL_add_client_CA;
-+ SSL_add_dir_cert_subjects_to_stack;
-+ SSL_add_dir_cert_subjs_to_stk;
-+ SSL_add_file_cert_subjects_to_stack;
-+ SSL_add_file_cert_subjs_to_stk;
-+ SSL_alert_desc_string;
-+ SSL_alert_desc_string_long;
-+ SSL_alert_type_string;
-+ SSL_alert_type_string_long;
-+ SSL_callback_ctrl;
-+ SSL_check_private_key;
-+ SSL_CIPHER_description;
-+ SSL_CIPHER_get_bits;
-+ SSL_CIPHER_get_name;
-+ SSL_CIPHER_get_version;
-+ SSL_clear;
-+ SSL_COMP_add_compression_method;
-+ SSL_COMP_get_compression_methods;
-+ SSL_COMP_get_compress_methods;
-+ SSL_COMP_get_name;
-+ SSL_connect;
-+ SSL_copy_session_id;
-+ SSL_ctrl;
-+ SSL_CTX_add_client_CA;
-+ SSL_CTX_add_session;
-+ SSL_CTX_callback_ctrl;
-+ SSL_CTX_check_private_key;
-+ SSL_CTX_ctrl;
-+ SSL_CTX_flush_sessions;
-+ SSL_CTX_free;
-+ SSL_CTX_get_cert_store;
-+ SSL_CTX_get_client_CA_list;
-+ SSL_CTX_get_client_cert_cb;
-+ SSL_CTX_get_ex_data;
-+ SSL_CTX_get_ex_new_index;
-+ SSL_CTX_get_info_callback;
-+ SSL_CTX_get_quiet_shutdown;
-+ SSL_CTX_get_timeout;
-+ SSL_CTX_get_verify_callback;
-+ SSL_CTX_get_verify_depth;
-+ SSL_CTX_get_verify_mode;
-+ SSL_CTX_load_verify_locations;
-+ SSL_CTX_new;
-+ SSL_CTX_remove_session;
-+ SSL_CTX_sess_get_get_cb;
-+ SSL_CTX_sess_get_new_cb;
-+ SSL_CTX_sess_get_remove_cb;
-+ SSL_CTX_sessions;
-+ SSL_CTX_sess_set_get_cb;
-+ SSL_CTX_sess_set_new_cb;
-+ SSL_CTX_sess_set_remove_cb;
-+ SSL_CTX_set1_param;
-+ SSL_CTX_set_cert_store;
-+ SSL_CTX_set_cert_verify_callback;
-+ SSL_CTX_set_cert_verify_cb;
-+ SSL_CTX_set_cipher_list;
-+ SSL_CTX_set_client_CA_list;
-+ SSL_CTX_set_client_cert_cb;
-+ SSL_CTX_set_client_cert_engine;
-+ SSL_CTX_set_cookie_generate_cb;
-+ SSL_CTX_set_cookie_verify_cb;
-+ SSL_CTX_set_default_passwd_cb;
-+ SSL_CTX_set_default_passwd_cb_userdata;
-+ SSL_CTX_set_default_verify_paths;
-+ SSL_CTX_set_def_passwd_cb_ud;
-+ SSL_CTX_set_def_verify_paths;
-+ SSL_CTX_set_ex_data;
-+ SSL_CTX_set_generate_session_id;
-+ SSL_CTX_set_info_callback;
-+ SSL_CTX_set_msg_callback;
-+ SSL_CTX_set_psk_client_callback;
-+ SSL_CTX_set_psk_server_callback;
-+ SSL_CTX_set_purpose;
-+ SSL_CTX_set_quiet_shutdown;
-+ SSL_CTX_set_session_id_context;
-+ SSL_CTX_set_ssl_version;
-+ SSL_CTX_set_timeout;
-+ SSL_CTX_set_tmp_dh_callback;
-+ SSL_CTX_set_tmp_ecdh_callback;
-+ SSL_CTX_set_tmp_rsa_callback;
-+ SSL_CTX_set_trust;
-+ SSL_CTX_set_verify;
-+ SSL_CTX_set_verify_depth;
-+ SSL_CTX_use_cert_chain_file;
-+ SSL_CTX_use_certificate;
-+ SSL_CTX_use_certificate_ASN1;
-+ SSL_CTX_use_certificate_chain_file;
-+ SSL_CTX_use_certificate_file;
-+ SSL_CTX_use_PrivateKey;
-+ SSL_CTX_use_PrivateKey_ASN1;
-+ SSL_CTX_use_PrivateKey_file;
-+ SSL_CTX_use_psk_identity_hint;
-+ SSL_CTX_use_RSAPrivateKey;
-+ SSL_CTX_use_RSAPrivateKey_ASN1;
-+ SSL_CTX_use_RSAPrivateKey_file;
-+ SSL_do_handshake;
-+ SSL_dup;
-+ SSL_dup_CA_list;
-+ SSLeay_add_ssl_algorithms;
-+ SSL_free;
-+ SSL_get1_session;
-+ SSL_get_certificate;
-+ SSL_get_cipher_list;
-+ SSL_get_ciphers;
-+ SSL_get_client_CA_list;
-+ SSL_get_current_cipher;
-+ SSL_get_current_compression;
-+ SSL_get_current_expansion;
-+ SSL_get_default_timeout;
-+ SSL_get_error;
-+ SSL_get_ex_data;
-+ SSL_get_ex_data_X509_STORE_CTX_idx;
-+ SSL_get_ex_d_X509_STORE_CTX_idx;
-+ SSL_get_ex_new_index;
-+ SSL_get_fd;
-+ SSL_get_finished;
-+ SSL_get_info_callback;
-+ SSL_get_peer_cert_chain;
-+ SSL_get_peer_certificate;
-+ SSL_get_peer_finished;
-+ SSL_get_privatekey;
-+ SSL_get_psk_identity;
-+ SSL_get_psk_identity_hint;
-+ SSL_get_quiet_shutdown;
-+ SSL_get_rbio;
-+ SSL_get_read_ahead;
-+ SSL_get_rfd;
-+ SSL_get_servername;
-+ SSL_get_servername_type;
-+ SSL_get_session;
-+ SSL_get_shared_ciphers;
-+ SSL_get_shutdown;
-+ SSL_get_SSL_CTX;
-+ SSL_get_ssl_method;
-+ SSL_get_verify_callback;
-+ SSL_get_verify_depth;
-+ SSL_get_verify_mode;
-+ SSL_get_verify_result;
-+ SSL_get_version;
-+ SSL_get_wbio;
-+ SSL_get_wfd;
-+ SSL_has_matching_session_id;
-+ SSL_library_init;
-+ SSL_load_client_CA_file;
-+ SSL_load_error_strings;
-+ SSL_new;
-+ SSL_peek;
-+ SSL_pending;
-+ SSL_read;
-+ SSL_renegotiate;
-+ SSL_renegotiate_pending;
-+ SSL_rstate_string;
-+ SSL_rstate_string_long;
-+ SSL_SESSION_cmp;
-+ SSL_SESSION_free;
-+ SSL_SESSION_get_ex_data;
-+ SSL_SESSION_get_ex_new_index;
-+ SSL_SESSION_get_id;
-+ SSL_SESSION_get_time;
-+ SSL_SESSION_get_timeout;
-+ SSL_SESSION_hash;
-+ SSL_SESSION_new;
-+ SSL_SESSION_print;
-+ SSL_SESSION_print_fp;
-+ SSL_SESSION_set_ex_data;
-+ SSL_SESSION_set_time;
-+ SSL_SESSION_set_timeout;
-+ SSL_set1_param;
-+ SSL_set_accept_state;
-+ SSL_set_bio;
-+ SSL_set_cipher_list;
-+ SSL_set_client_CA_list;
-+ SSL_set_connect_state;
-+ SSL_set_ex_data;
-+ SSL_set_fd;
-+ SSL_set_generate_session_id;
-+ SSL_set_info_callback;
-+ SSL_set_msg_callback;
-+ SSL_set_psk_client_callback;
-+ SSL_set_psk_server_callback;
-+ SSL_set_purpose;
-+ SSL_set_quiet_shutdown;
-+ SSL_set_read_ahead;
-+ SSL_set_rfd;
-+ SSL_set_session;
-+ SSL_set_session_id_context;
-+ SSL_set_session_secret_cb;
-+ SSL_set_session_ticket_ext;
-+ SSL_set_session_ticket_ext_cb;
-+ SSL_set_shutdown;
-+ SSL_set_SSL_CTX;
-+ SSL_set_ssl_method;
-+ SSL_set_tmp_dh_callback;
-+ SSL_set_tmp_ecdh_callback;
-+ SSL_set_tmp_rsa_callback;
-+ SSL_set_trust;
-+ SSL_set_verify;
-+ SSL_set_verify_depth;
-+ SSL_set_verify_result;
-+ SSL_set_wfd;
-+ SSL_shutdown;
-+ SSL_state;
-+ SSL_state_string;
-+ SSL_state_string_long;
-+ SSL_use_certificate;
-+ SSL_use_certificate_ASN1;
-+ SSL_use_certificate_file;
-+ SSL_use_PrivateKey;
-+ SSL_use_PrivateKey_ASN1;
-+ SSL_use_PrivateKey_file;
-+ SSL_use_psk_identity_hint;
-+ SSL_use_RSAPrivateKey;
-+ SSL_use_RSAPrivateKey_ASN1;
-+ SSL_use_RSAPrivateKey_file;
-+ SSLv23_client_method;
-+ SSLv23_method;
-+ SSLv23_server_method;
-+ SSLv2_client_method;
-+ SSLv2_method;
-+ SSLv2_server_method;
-+ SSLv3_client_method;
-+ SSLv3_method;
-+ SSLv3_server_method;
-+ SSL_version;
-+ SSL_want;
-+ SSL_write;
-+ TLSv1_client_method;
-+ TLSv1_method;
-+ TLSv1_server_method;
-+
-+
-+ SSLeay;
-+ SSLeay_version;
-+ ASN1_BIT_STRING_asn1_meth;
-+ ASN1_HEADER_free;
-+ ASN1_HEADER_new;
-+ ASN1_IA5STRING_asn1_meth;
-+ ASN1_INTEGER_get;
-+ ASN1_INTEGER_set;
-+ ASN1_INTEGER_to_BN;
-+ ASN1_OBJECT_create;
-+ ASN1_OBJECT_free;
-+ ASN1_OBJECT_new;
-+ ASN1_PRINTABLE_type;
-+ ASN1_STRING_cmp;
-+ ASN1_STRING_dup;
-+ ASN1_STRING_free;
-+ ASN1_STRING_new;
-+ ASN1_STRING_print;
-+ ASN1_STRING_set;
-+ ASN1_STRING_type_new;
-+ ASN1_TYPE_free;
-+ ASN1_TYPE_new;
-+ ASN1_UNIVERSALSTRING_to_string;
-+ ASN1_UTCTIME_check;
-+ ASN1_UTCTIME_print;
-+ ASN1_UTCTIME_set;
-+ ASN1_check_infinite_end;
-+ ASN1_d2i_bio;
-+ ASN1_d2i_fp;
-+ ASN1_digest;
-+ ASN1_dup;
-+ ASN1_get_object;
-+ ASN1_i2d_bio;
-+ ASN1_i2d_fp;
-+ ASN1_object_size;
-+ ASN1_parse;
-+ ASN1_put_object;
-+ ASN1_sign;
-+ ASN1_verify;
-+ BF_cbc_encrypt;
-+ BF_cfb64_encrypt;
-+ BF_ecb_encrypt;
-+ BF_encrypt;
-+ BF_ofb64_encrypt;
-+ BF_options;
-+ BF_set_key;
-+ BIO_CONNECT_free;
-+ BIO_CONNECT_new;
-+ BIO_accept;
-+ BIO_ctrl;
-+ BIO_int_ctrl;
-+ BIO_debug_callback;
-+ BIO_dump;
-+ BIO_dup_chain;
-+ BIO_f_base64;
-+ BIO_f_buffer;
-+ BIO_f_cipher;
-+ BIO_f_md;
-+ BIO_f_null;
-+ BIO_f_proxy_server;
-+ BIO_fd_non_fatal_error;
-+ BIO_fd_should_retry;
-+ BIO_find_type;
-+ BIO_free;
-+ BIO_free_all;
-+ BIO_get_accept_socket;
-+ BIO_get_filter_bio;
-+ BIO_get_host_ip;
-+ BIO_get_port;
-+ BIO_get_retry_BIO;
-+ BIO_get_retry_reason;
-+ BIO_gethostbyname;
-+ BIO_gets;
-+ BIO_new;
-+ BIO_new_accept;
-+ BIO_new_connect;
-+ BIO_new_fd;
-+ BIO_new_file;
-+ BIO_new_fp;
-+ BIO_new_socket;
-+ BIO_pop;
-+ BIO_printf;
-+ BIO_push;
-+ BIO_puts;
-+ BIO_read;
-+ BIO_s_accept;
-+ BIO_s_connect;
-+ BIO_s_fd;
-+ BIO_s_file;
-+ BIO_s_mem;
-+ BIO_s_null;
-+ BIO_s_proxy_client;
-+ BIO_s_socket;
-+ BIO_set;
-+ BIO_set_cipher;
-+ BIO_set_tcp_ndelay;
-+ BIO_sock_cleanup;
-+ BIO_sock_error;
-+ BIO_sock_init;
-+ BIO_sock_non_fatal_error;
-+ BIO_sock_should_retry;
-+ BIO_socket_ioctl;
-+ BIO_write;
-+ BN_CTX_free;
-+ BN_CTX_new;
-+ BN_MONT_CTX_free;
-+ BN_MONT_CTX_new;
-+ BN_MONT_CTX_set;
-+ BN_add;
-+ BN_add_word;
-+ BN_hex2bn;
-+ BN_bin2bn;
-+ BN_bn2hex;
-+ BN_bn2bin;
-+ BN_clear;
-+ BN_clear_bit;
-+ BN_clear_free;
-+ BN_cmp;
-+ BN_copy;
-+ BN_div;
-+ BN_div_word;
-+ BN_dup;
-+ BN_free;
-+ BN_from_montgomery;
-+ BN_gcd;
-+ BN_generate_prime;
-+ BN_get_word;
-+ BN_is_bit_set;
-+ BN_is_prime;
-+ BN_lshift;
-+ BN_lshift1;
-+ BN_mask_bits;
-+ BN_mod;
-+ BN_mod_exp;
-+ BN_mod_exp_mont;
-+ BN_mod_exp_simple;
-+ BN_mod_inverse;
-+ BN_mod_mul;
-+ BN_mod_mul_montgomery;
-+ BN_mod_word;
-+ BN_mul;
-+ BN_new;
-+ BN_num_bits;
-+ BN_num_bits_word;
-+ BN_options;
-+ BN_print;
-+ BN_print_fp;
-+ BN_rand;
-+ BN_reciprocal;
-+ BN_rshift;
-+ BN_rshift1;
-+ BN_set_bit;
-+ BN_set_word;
-+ BN_sqr;
-+ BN_sub;
-+ BN_to_ASN1_INTEGER;
-+ BN_ucmp;
-+ BN_value_one;
-+ BUF_MEM_free;
-+ BUF_MEM_grow;
-+ BUF_MEM_new;
-+ BUF_strdup;
-+ CONF_free;
-+ CONF_get_number;
-+ CONF_get_section;
-+ CONF_get_string;
-+ CONF_load;
-+ CRYPTO_add_lock;
-+ CRYPTO_dbg_free;
-+ CRYPTO_dbg_malloc;
-+ CRYPTO_dbg_realloc;
-+ CRYPTO_dbg_remalloc;
-+ CRYPTO_free;
-+ CRYPTO_get_add_lock_callback;
-+ CRYPTO_get_id_callback;
-+ CRYPTO_get_lock_name;
-+ CRYPTO_get_locking_callback;
-+ CRYPTO_get_mem_functions;
-+ CRYPTO_lock;
-+ CRYPTO_malloc;
-+ CRYPTO_mem_ctrl;
-+ CRYPTO_mem_leaks;
-+ CRYPTO_mem_leaks_cb;
-+ CRYPTO_mem_leaks_fp;
-+ CRYPTO_realloc;
-+ CRYPTO_remalloc;
-+ CRYPTO_set_add_lock_callback;
-+ CRYPTO_set_id_callback;
-+ CRYPTO_set_locking_callback;
-+ CRYPTO_set_mem_functions;
-+ CRYPTO_thread_id;
-+ DH_check;
-+ DH_compute_key;
-+ DH_free;
-+ DH_generate_key;
-+ DH_generate_parameters;
-+ DH_new;
-+ DH_size;
-+ DHparams_print;
-+ DHparams_print_fp;
-+ DSA_free;
-+ DSA_generate_key;
-+ DSA_generate_parameters;
-+ DSA_is_prime;
-+ DSA_new;
-+ DSA_print;
-+ DSA_print_fp;
-+ DSA_sign;
-+ DSA_sign_setup;
-+ DSA_size;
-+ DSA_verify;
-+ DSAparams_print;
-+ DSAparams_print_fp;
-+ ERR_clear_error;
-+ ERR_error_string;
-+ ERR_free_strings;
-+ ERR_func_error_string;
-+ ERR_get_err_state_table;
-+ ERR_get_error;
-+ ERR_get_error_line;
-+ ERR_get_state;
-+ ERR_get_string_table;
-+ ERR_lib_error_string;
-+ ERR_load_ASN1_strings;
-+ ERR_load_BIO_strings;
-+ ERR_load_BN_strings;
-+ ERR_load_BUF_strings;
-+ ERR_load_CONF_strings;
-+ ERR_load_DH_strings;
-+ ERR_load_DSA_strings;
-+ ERR_load_ERR_strings;
-+ ERR_load_EVP_strings;
-+ ERR_load_OBJ_strings;
-+ ERR_load_PEM_strings;
-+ ERR_load_PROXY_strings;
-+ ERR_load_RSA_strings;
-+ ERR_load_X509_strings;
-+ ERR_load_crypto_strings;
-+ ERR_load_strings;
-+ ERR_peek_error;
-+ ERR_peek_error_line;
-+ ERR_print_errors;
-+ ERR_print_errors_fp;
-+ ERR_put_error;
-+ ERR_reason_error_string;
-+ ERR_remove_state;
-+ EVP_BytesToKey;
-+ EVP_CIPHER_CTX_cleanup;
-+ EVP_CipherFinal;
-+ EVP_CipherInit;
-+ EVP_CipherUpdate;
-+ EVP_DecodeBlock;
-+ EVP_DecodeFinal;
-+ EVP_DecodeInit;
-+ EVP_DecodeUpdate;
-+ EVP_DecryptFinal;
-+ EVP_DecryptInit;
-+ EVP_DecryptUpdate;
-+ EVP_DigestFinal;
-+ EVP_DigestInit;
-+ EVP_DigestUpdate;
-+ EVP_EncodeBlock;
-+ EVP_EncodeFinal;
-+ EVP_EncodeInit;
-+ EVP_EncodeUpdate;
-+ EVP_EncryptFinal;
-+ EVP_EncryptInit;
-+ EVP_EncryptUpdate;
-+ EVP_OpenFinal;
-+ EVP_OpenInit;
-+ EVP_PKEY_assign;
-+ EVP_PKEY_copy_parameters;
-+ EVP_PKEY_free;
-+ EVP_PKEY_missing_parameters;
-+ EVP_PKEY_new;
-+ EVP_PKEY_save_parameters;
-+ EVP_PKEY_size;
-+ EVP_PKEY_type;
-+ EVP_SealFinal;
-+ EVP_SealInit;
-+ EVP_SignFinal;
-+ EVP_VerifyFinal;
-+ EVP_add_alias;
-+ EVP_add_cipher;
-+ EVP_add_digest;
-+ EVP_bf_cbc;
-+ EVP_bf_cfb64;
-+ EVP_bf_ecb;
-+ EVP_bf_ofb;
-+ EVP_cleanup;
-+ EVP_des_cbc;
-+ EVP_des_cfb64;
-+ EVP_des_ecb;
-+ EVP_des_ede;
-+ EVP_des_ede3;
-+ EVP_des_ede3_cbc;
-+ EVP_des_ede3_cfb64;
-+ EVP_des_ede3_ofb;
-+ EVP_des_ede_cbc;
-+ EVP_des_ede_cfb64;
-+ EVP_des_ede_ofb;
-+ EVP_des_ofb;
-+ EVP_desx_cbc;
-+ EVP_dss;
-+ EVP_dss1;
-+ EVP_enc_null;
-+ EVP_get_cipherbyname;
-+ EVP_get_digestbyname;
-+ EVP_get_pw_prompt;
-+ EVP_idea_cbc;
-+ EVP_idea_cfb64;
-+ EVP_idea_ecb;
-+ EVP_idea_ofb;
-+ EVP_md2;
-+ EVP_md5;
-+ EVP_md_null;
-+ EVP_rc2_cbc;
-+ EVP_rc2_cfb64;
-+ EVP_rc2_ecb;
-+ EVP_rc2_ofb;
-+ EVP_rc4;
-+ EVP_read_pw_string;
-+ EVP_set_pw_prompt;
-+ EVP_sha;
-+ EVP_sha1;
-+ MD2;
-+ MD2_Final;
-+ MD2_Init;
-+ MD2_Update;
-+ MD2_options;
-+ MD5;
-+ MD5_Final;
-+ MD5_Init;
-+ MD5_Update;
-+ MDC2;
-+ MDC2_Final;
-+ MDC2_Init;
-+ MDC2_Update;
-+ NETSCAPE_SPKAC_free;
-+ NETSCAPE_SPKAC_new;
-+ NETSCAPE_SPKI_free;
-+ NETSCAPE_SPKI_new;
-+ NETSCAPE_SPKI_sign;
-+ NETSCAPE_SPKI_verify;
-+ OBJ_add_object;
-+ OBJ_bsearch;
-+ OBJ_cleanup;
-+ OBJ_cmp;
-+ OBJ_create;
-+ OBJ_dup;
-+ OBJ_ln2nid;
-+ OBJ_new_nid;
-+ OBJ_nid2ln;
-+ OBJ_nid2obj;
-+ OBJ_nid2sn;
-+ OBJ_obj2nid;
-+ OBJ_sn2nid;
-+ OBJ_txt2nid;
-+ PEM_ASN1_read;
-+ PEM_ASN1_read_bio;
-+ PEM_ASN1_write;
-+ PEM_ASN1_write_bio;
-+ PEM_SealFinal;
-+ PEM_SealInit;
-+ PEM_SealUpdate;
-+ PEM_SignFinal;
-+ PEM_SignInit;
-+ PEM_SignUpdate;
-+ PEM_X509_INFO_read;
-+ PEM_X509_INFO_read_bio;
-+ PEM_X509_INFO_write_bio;
-+ PEM_dek_info;
-+ PEM_do_header;
-+ PEM_get_EVP_CIPHER_INFO;
-+ PEM_proc_type;
-+ PEM_read;
-+ PEM_read_DHparams;
-+ PEM_read_DSAPrivateKey;
-+ PEM_read_DSAparams;
-+ PEM_read_PKCS7;
-+ PEM_read_PrivateKey;
-+ PEM_read_RSAPrivateKey;
-+ PEM_read_X509;
-+ PEM_read_X509_CRL;
-+ PEM_read_X509_REQ;
-+ PEM_read_bio;
-+ PEM_read_bio_DHparams;
-+ PEM_read_bio_DSAPrivateKey;
-+ PEM_read_bio_DSAparams;
-+ PEM_read_bio_PKCS7;
-+ PEM_read_bio_PrivateKey;
-+ PEM_read_bio_RSAPrivateKey;
-+ PEM_read_bio_X509;
-+ PEM_read_bio_X509_CRL;
-+ PEM_read_bio_X509_REQ;
-+ PEM_write;
-+ PEM_write_DHparams;
-+ PEM_write_DSAPrivateKey;
-+ PEM_write_DSAparams;
-+ PEM_write_PKCS7;
-+ PEM_write_PrivateKey;
-+ PEM_write_RSAPrivateKey;
-+ PEM_write_X509;
-+ PEM_write_X509_CRL;
-+ PEM_write_X509_REQ;
-+ PEM_write_bio;
-+ PEM_write_bio_DHparams;
-+ PEM_write_bio_DSAPrivateKey;
-+ PEM_write_bio_DSAparams;
-+ PEM_write_bio_PKCS7;
-+ PEM_write_bio_PrivateKey;
-+ PEM_write_bio_RSAPrivateKey;
-+ PEM_write_bio_X509;
-+ PEM_write_bio_X509_CRL;
-+ PEM_write_bio_X509_REQ;
-+ PKCS7_DIGEST_free;
-+ PKCS7_DIGEST_new;
-+ PKCS7_ENCRYPT_free;
-+ PKCS7_ENCRYPT_new;
-+ PKCS7_ENC_CONTENT_free;
-+ PKCS7_ENC_CONTENT_new;
-+ PKCS7_ENVELOPE_free;
-+ PKCS7_ENVELOPE_new;
-+ PKCS7_ISSUER_AND_SERIAL_digest;
-+ PKCS7_ISSUER_AND_SERIAL_free;
-+ PKCS7_ISSUER_AND_SERIAL_new;
-+ PKCS7_RECIP_INFO_free;
-+ PKCS7_RECIP_INFO_new;
-+ PKCS7_SIGNED_free;
-+ PKCS7_SIGNED_new;
-+ PKCS7_SIGNER_INFO_free;
-+ PKCS7_SIGNER_INFO_new;
-+ PKCS7_SIGN_ENVELOPE_free;
-+ PKCS7_SIGN_ENVELOPE_new;
-+ PKCS7_dup;
-+ PKCS7_free;
-+ PKCS7_new;
-+ PROXY_ENTRY_add_noproxy;
-+ PROXY_ENTRY_clear_noproxy;
-+ PROXY_ENTRY_free;
-+ PROXY_ENTRY_get_noproxy;
-+ PROXY_ENTRY_new;
-+ PROXY_ENTRY_set_server;
-+ PROXY_add_noproxy;
-+ PROXY_add_server;
-+ PROXY_check_by_host;
-+ PROXY_check_url;
-+ PROXY_clear_noproxy;
-+ PROXY_free;
-+ PROXY_get_noproxy;
-+ PROXY_get_proxies;
-+ PROXY_get_proxy_entry;
-+ PROXY_load_conf;
-+ PROXY_new;
-+ PROXY_print;
-+ RAND_bytes;
-+ RAND_cleanup;
-+ RAND_file_name;
-+ RAND_load_file;
-+ RAND_screen;
-+ RAND_seed;
-+ RAND_write_file;
-+ RC2_cbc_encrypt;
-+ RC2_cfb64_encrypt;
-+ RC2_ecb_encrypt;
-+ RC2_encrypt;
-+ RC2_ofb64_encrypt;
-+ RC2_set_key;
-+ RC4;
-+ RC4_options;
-+ RC4_set_key;
-+ RSAPrivateKey_asn1_meth;
-+ RSAPrivateKey_dup;
-+ RSAPublicKey_dup;
-+ RSA_PKCS1_SSLeay;
-+ RSA_free;
-+ RSA_generate_key;
-+ RSA_new;
-+ RSA_new_method;
-+ RSA_print;
-+ RSA_print_fp;
-+ RSA_private_decrypt;
-+ RSA_private_encrypt;
-+ RSA_public_decrypt;
-+ RSA_public_encrypt;
-+ RSA_set_default_method;
-+ RSA_sign;
-+ RSA_sign_ASN1_OCTET_STRING;
-+ RSA_size;
-+ RSA_verify;
-+ RSA_verify_ASN1_OCTET_STRING;
-+ SHA;
-+ SHA1;
-+ SHA1_Final;
-+ SHA1_Init;
-+ SHA1_Update;
-+ SHA_Final;
-+ SHA_Init;
-+ SHA_Update;
-+ OpenSSL_add_all_algorithms;
-+ OpenSSL_add_all_ciphers;
-+ OpenSSL_add_all_digests;
-+ TXT_DB_create_index;
-+ TXT_DB_free;
-+ TXT_DB_get_by_index;
-+ TXT_DB_insert;
-+ TXT_DB_read;
-+ TXT_DB_write;
-+ X509_ALGOR_free;
-+ X509_ALGOR_new;
-+ X509_ATTRIBUTE_free;
-+ X509_ATTRIBUTE_new;
-+ X509_CINF_free;
-+ X509_CINF_new;
-+ X509_CRL_INFO_free;
-+ X509_CRL_INFO_new;
-+ X509_CRL_add_ext;
-+ X509_CRL_cmp;
-+ X509_CRL_delete_ext;
-+ X509_CRL_dup;
-+ X509_CRL_free;
-+ X509_CRL_get_ext;
-+ X509_CRL_get_ext_by_NID;
-+ X509_CRL_get_ext_by_OBJ;
-+ X509_CRL_get_ext_by_critical;
-+ X509_CRL_get_ext_count;
-+ X509_CRL_new;
-+ X509_CRL_sign;
-+ X509_CRL_verify;
-+ X509_EXTENSION_create_by_NID;
-+ X509_EXTENSION_create_by_OBJ;
-+ X509_EXTENSION_dup;
-+ X509_EXTENSION_free;
-+ X509_EXTENSION_get_critical;
-+ X509_EXTENSION_get_data;
-+ X509_EXTENSION_get_object;
-+ X509_EXTENSION_new;
-+ X509_EXTENSION_set_critical;
-+ X509_EXTENSION_set_data;
-+ X509_EXTENSION_set_object;
-+ X509_INFO_free;
-+ X509_INFO_new;
-+ X509_LOOKUP_by_alias;
-+ X509_LOOKUP_by_fingerprint;
-+ X509_LOOKUP_by_issuer_serial;
-+ X509_LOOKUP_by_subject;
-+ X509_LOOKUP_ctrl;
-+ X509_LOOKUP_file;
-+ X509_LOOKUP_free;
-+ X509_LOOKUP_hash_dir;
-+ X509_LOOKUP_init;
-+ X509_LOOKUP_new;
-+ X509_LOOKUP_shutdown;
-+ X509_NAME_ENTRY_create_by_NID;
-+ X509_NAME_ENTRY_create_by_OBJ;
-+ X509_NAME_ENTRY_dup;
-+ X509_NAME_ENTRY_free;
-+ X509_NAME_ENTRY_get_data;
-+ X509_NAME_ENTRY_get_object;
-+ X509_NAME_ENTRY_new;
-+ X509_NAME_ENTRY_set_data;
-+ X509_NAME_ENTRY_set_object;
-+ X509_NAME_add_entry;
-+ X509_NAME_cmp;
-+ X509_NAME_delete_entry;
-+ X509_NAME_digest;
-+ X509_NAME_dup;
-+ X509_NAME_entry_count;
-+ X509_NAME_free;
-+ X509_NAME_get_entry;
-+ X509_NAME_get_index_by_NID;
-+ X509_NAME_get_index_by_OBJ;
-+ X509_NAME_get_text_by_NID;
-+ X509_NAME_get_text_by_OBJ;
-+ X509_NAME_hash;
-+ X509_NAME_new;
-+ X509_NAME_oneline;
-+ X509_NAME_print;
-+ X509_NAME_set;
-+ X509_OBJECT_free_contents;
-+ X509_OBJECT_retrieve_by_subject;
-+ X509_OBJECT_up_ref_count;
-+ X509_PKEY_free;
-+ X509_PKEY_new;
-+ X509_PUBKEY_free;
-+ X509_PUBKEY_get;
-+ X509_PUBKEY_new;
-+ X509_PUBKEY_set;
-+ X509_REQ_INFO_free;
-+ X509_REQ_INFO_new;
-+ X509_REQ_dup;
-+ X509_REQ_free;
-+ X509_REQ_get_pubkey;
-+ X509_REQ_new;
-+ X509_REQ_print;
-+ X509_REQ_print_fp;
-+ X509_REQ_set_pubkey;
-+ X509_REQ_set_subject_name;
-+ X509_REQ_set_version;
-+ X509_REQ_sign;
-+ X509_REQ_to_X509;
-+ X509_REQ_verify;
-+ X509_REVOKED_add_ext;
-+ X509_REVOKED_delete_ext;
-+ X509_REVOKED_free;
-+ X509_REVOKED_get_ext;
-+ X509_REVOKED_get_ext_by_NID;
-+ X509_REVOKED_get_ext_by_OBJ;
-+ X509_REVOKED_get_ext_by_critical;
-+ X509_REVOKED_get_ext_by_critic;
-+ X509_REVOKED_get_ext_count;
-+ X509_REVOKED_new;
-+ X509_SIG_free;
-+ X509_SIG_new;
-+ X509_STORE_CTX_cleanup;
-+ X509_STORE_CTX_init;
-+ X509_STORE_add_cert;
-+ X509_STORE_add_lookup;
-+ X509_STORE_free;
-+ X509_STORE_get_by_subject;
-+ X509_STORE_load_locations;
-+ X509_STORE_new;
-+ X509_STORE_set_default_paths;
-+ X509_VAL_free;
-+ X509_VAL_new;
-+ X509_add_ext;
-+ X509_asn1_meth;
-+ X509_certificate_type;
-+ X509_check_private_key;
-+ X509_cmp_current_time;
-+ X509_delete_ext;
-+ X509_digest;
-+ X509_dup;
-+ X509_free;
-+ X509_get_default_cert_area;
-+ X509_get_default_cert_dir;
-+ X509_get_default_cert_dir_env;
-+ X509_get_default_cert_file;
-+ X509_get_default_cert_file_env;
-+ X509_get_default_private_dir;
-+ X509_get_ext;
-+ X509_get_ext_by_NID;
-+ X509_get_ext_by_OBJ;
-+ X509_get_ext_by_critical;
-+ X509_get_ext_count;
-+ X509_get_issuer_name;
-+ X509_get_pubkey;
-+ X509_get_pubkey_parameters;
-+ X509_get_serialNumber;
-+ X509_get_subject_name;
-+ X509_gmtime_adj;
-+ X509_issuer_and_serial_cmp;
-+ X509_issuer_and_serial_hash;
-+ X509_issuer_name_cmp;
-+ X509_issuer_name_hash;
-+ X509_load_cert_file;
-+ X509_new;
-+ X509_print;
-+ X509_print_fp;
-+ X509_set_issuer_name;
-+ X509_set_notAfter;
-+ X509_set_notBefore;
-+ X509_set_pubkey;
-+ X509_set_serialNumber;
-+ X509_set_subject_name;
-+ X509_set_version;
-+ X509_sign;
-+ X509_subject_name_cmp;
-+ X509_subject_name_hash;
-+ X509_to_X509_REQ;
-+ X509_verify;
-+ X509_verify_cert;
-+ X509_verify_cert_error_string;
-+ X509v3_add_ext;
-+ X509v3_add_extension;
-+ X509v3_add_netscape_extensions;
-+ X509v3_add_standard_extensions;
-+ X509v3_cleanup_extensions;
-+ X509v3_data_type_by_NID;
-+ X509v3_data_type_by_OBJ;
-+ X509v3_delete_ext;
-+ X509v3_get_ext;
-+ X509v3_get_ext_by_NID;
-+ X509v3_get_ext_by_OBJ;
-+ X509v3_get_ext_by_critical;
-+ X509v3_get_ext_count;
-+ X509v3_pack_string;
-+ X509v3_pack_type_by_NID;
-+ X509v3_pack_type_by_OBJ;
-+ X509v3_unpack_string;
-+ _des_crypt;
-+ a2d_ASN1_OBJECT;
-+ a2i_ASN1_INTEGER;
-+ a2i_ASN1_STRING;
-+ asn1_Finish;
-+ asn1_GetSequence;
-+ bn_div_words;
-+ bn_expand2;
-+ bn_mul_add_words;
-+ bn_mul_words;
-+ BN_uadd;
-+ BN_usub;
-+ bn_sqr_words;
-+ _ossl_old_crypt;
-+ d2i_ASN1_BIT_STRING;
-+ d2i_ASN1_BOOLEAN;
-+ d2i_ASN1_HEADER;
-+ d2i_ASN1_IA5STRING;
-+ d2i_ASN1_INTEGER;
-+ d2i_ASN1_OBJECT;
-+ d2i_ASN1_OCTET_STRING;
-+ d2i_ASN1_PRINTABLE;
-+ d2i_ASN1_PRINTABLESTRING;
-+ d2i_ASN1_SET;
-+ d2i_ASN1_T61STRING;
-+ d2i_ASN1_TYPE;
-+ d2i_ASN1_UTCTIME;
-+ d2i_ASN1_bytes;
-+ d2i_ASN1_type_bytes;
-+ d2i_DHparams;
-+ d2i_DSAPrivateKey;
-+ d2i_DSAPrivateKey_bio;
-+ d2i_DSAPrivateKey_fp;
-+ d2i_DSAPublicKey;
-+ d2i_DSAparams;
-+ d2i_NETSCAPE_SPKAC;
-+ d2i_NETSCAPE_SPKI;
-+ d2i_Netscape_RSA;
-+ d2i_PKCS7;
-+ d2i_PKCS7_DIGEST;
-+ d2i_PKCS7_ENCRYPT;
-+ d2i_PKCS7_ENC_CONTENT;
-+ d2i_PKCS7_ENVELOPE;
-+ d2i_PKCS7_ISSUER_AND_SERIAL;
-+ d2i_PKCS7_RECIP_INFO;
-+ d2i_PKCS7_SIGNED;
-+ d2i_PKCS7_SIGNER_INFO;
-+ d2i_PKCS7_SIGN_ENVELOPE;
-+ d2i_PKCS7_bio;
-+ d2i_PKCS7_fp;
-+ d2i_PrivateKey;
-+ d2i_PublicKey;
-+ d2i_RSAPrivateKey;
-+ d2i_RSAPrivateKey_bio;
-+ d2i_RSAPrivateKey_fp;
-+ d2i_RSAPublicKey;
-+ d2i_X509;
-+ d2i_X509_ALGOR;
-+ d2i_X509_ATTRIBUTE;
-+ d2i_X509_CINF;
-+ d2i_X509_CRL;
-+ d2i_X509_CRL_INFO;
-+ d2i_X509_CRL_bio;
-+ d2i_X509_CRL_fp;
-+ d2i_X509_EXTENSION;
-+ d2i_X509_NAME;
-+ d2i_X509_NAME_ENTRY;
-+ d2i_X509_PKEY;
-+ d2i_X509_PUBKEY;
-+ d2i_X509_REQ;
-+ d2i_X509_REQ_INFO;
-+ d2i_X509_REQ_bio;
-+ d2i_X509_REQ_fp;
-+ d2i_X509_REVOKED;
-+ d2i_X509_SIG;
-+ d2i_X509_VAL;
-+ d2i_X509_bio;
-+ d2i_X509_fp;
-+ DES_cbc_cksum;
-+ DES_cbc_encrypt;
-+ DES_cblock_print_file;
-+ DES_cfb64_encrypt;
-+ DES_cfb_encrypt;
-+ DES_decrypt3;
-+ DES_ecb3_encrypt;
-+ DES_ecb_encrypt;
-+ DES_ede3_cbc_encrypt;
-+ DES_ede3_cfb64_encrypt;
-+ DES_ede3_ofb64_encrypt;
-+ DES_enc_read;
-+ DES_enc_write;
-+ DES_encrypt1;
-+ DES_encrypt2;
-+ DES_encrypt3;
-+ DES_fcrypt;
-+ DES_is_weak_key;
-+ DES_key_sched;
-+ DES_ncbc_encrypt;
-+ DES_ofb64_encrypt;
-+ DES_ofb_encrypt;
-+ DES_options;
-+ DES_pcbc_encrypt;
-+ DES_quad_cksum;
-+ DES_random_key;
-+ _ossl_old_des_random_seed;
-+ _ossl_old_des_read_2passwords;
-+ _ossl_old_des_read_password;
-+ _ossl_old_des_read_pw;
-+ _ossl_old_des_read_pw_string;
-+ DES_set_key;
-+ DES_set_odd_parity;
-+ DES_string_to_2keys;
-+ DES_string_to_key;
-+ DES_xcbc_encrypt;
-+ DES_xwhite_in2out;
-+ fcrypt_body;
-+ i2a_ASN1_INTEGER;
-+ i2a_ASN1_OBJECT;
-+ i2a_ASN1_STRING;
-+ i2d_ASN1_BIT_STRING;
-+ i2d_ASN1_BOOLEAN;
-+ i2d_ASN1_HEADER;
-+ i2d_ASN1_IA5STRING;
-+ i2d_ASN1_INTEGER;
-+ i2d_ASN1_OBJECT;
-+ i2d_ASN1_OCTET_STRING;
-+ i2d_ASN1_PRINTABLE;
-+ i2d_ASN1_SET;
-+ i2d_ASN1_TYPE;
-+ i2d_ASN1_UTCTIME;
-+ i2d_ASN1_bytes;
-+ i2d_DHparams;
-+ i2d_DSAPrivateKey;
-+ i2d_DSAPrivateKey_bio;
-+ i2d_DSAPrivateKey_fp;
-+ i2d_DSAPublicKey;
-+ i2d_DSAparams;
-+ i2d_NETSCAPE_SPKAC;
-+ i2d_NETSCAPE_SPKI;
-+ i2d_Netscape_RSA;
-+ i2d_PKCS7;
-+ i2d_PKCS7_DIGEST;
-+ i2d_PKCS7_ENCRYPT;
-+ i2d_PKCS7_ENC_CONTENT;
-+ i2d_PKCS7_ENVELOPE;
-+ i2d_PKCS7_ISSUER_AND_SERIAL;
-+ i2d_PKCS7_RECIP_INFO;
-+ i2d_PKCS7_SIGNED;
-+ i2d_PKCS7_SIGNER_INFO;
-+ i2d_PKCS7_SIGN_ENVELOPE;
-+ i2d_PKCS7_bio;
-+ i2d_PKCS7_fp;
-+ i2d_PrivateKey;
-+ i2d_PublicKey;
-+ i2d_RSAPrivateKey;
-+ i2d_RSAPrivateKey_bio;
-+ i2d_RSAPrivateKey_fp;
-+ i2d_RSAPublicKey;
-+ i2d_X509;
-+ i2d_X509_ALGOR;
-+ i2d_X509_ATTRIBUTE;
-+ i2d_X509_CINF;
-+ i2d_X509_CRL;
-+ i2d_X509_CRL_INFO;
-+ i2d_X509_CRL_bio;
-+ i2d_X509_CRL_fp;
-+ i2d_X509_EXTENSION;
-+ i2d_X509_NAME;
-+ i2d_X509_NAME_ENTRY;
-+ i2d_X509_PKEY;
-+ i2d_X509_PUBKEY;
-+ i2d_X509_REQ;
-+ i2d_X509_REQ_INFO;
-+ i2d_X509_REQ_bio;
-+ i2d_X509_REQ_fp;
-+ i2d_X509_REVOKED;
-+ i2d_X509_SIG;
-+ i2d_X509_VAL;
-+ i2d_X509_bio;
-+ i2d_X509_fp;
-+ idea_cbc_encrypt;
-+ idea_cfb64_encrypt;
-+ idea_ecb_encrypt;
-+ idea_encrypt;
-+ idea_ofb64_encrypt;
-+ idea_options;
-+ idea_set_decrypt_key;
-+ idea_set_encrypt_key;
-+ lh_delete;
-+ lh_doall;
-+ lh_doall_arg;
-+ lh_free;
-+ lh_insert;
-+ lh_new;
-+ lh_node_stats;
-+ lh_node_stats_bio;
-+ lh_node_usage_stats;
-+ lh_node_usage_stats_bio;
-+ lh_retrieve;
-+ lh_stats;
-+ lh_stats_bio;
-+ lh_strhash;
-+ sk_delete;
-+ sk_delete_ptr;
-+ sk_dup;
-+ sk_find;
-+ sk_free;
-+ sk_insert;
-+ sk_new;
-+ sk_pop;
-+ sk_pop_free;
-+ sk_push;
-+ sk_set_cmp_func;
-+ sk_shift;
-+ sk_unshift;
-+ sk_zero;
-+ BIO_f_nbio_test;
-+ ASN1_TYPE_get;
-+ ASN1_TYPE_set;
-+ PKCS7_content_free;
-+ ERR_load_PKCS7_strings;
-+ X509_find_by_issuer_and_serial;
-+ X509_find_by_subject;
-+ PKCS7_ctrl;
-+ PKCS7_set_type;
-+ PKCS7_set_content;
-+ PKCS7_SIGNER_INFO_set;
-+ PKCS7_add_signer;
-+ PKCS7_add_certificate;
-+ PKCS7_add_crl;
-+ PKCS7_content_new;
-+ PKCS7_dataSign;
-+ PKCS7_dataVerify;
-+ PKCS7_dataInit;
-+ PKCS7_add_signature;
-+ PKCS7_cert_from_signer_info;
-+ PKCS7_get_signer_info;
-+ EVP_delete_alias;
-+ EVP_mdc2;
-+ PEM_read_bio_RSAPublicKey;
-+ PEM_write_bio_RSAPublicKey;
-+ d2i_RSAPublicKey_bio;
-+ i2d_RSAPublicKey_bio;
-+ PEM_read_RSAPublicKey;
-+ PEM_write_RSAPublicKey;
-+ d2i_RSAPublicKey_fp;
-+ i2d_RSAPublicKey_fp;
-+ BIO_copy_next_retry;
-+ RSA_flags;
-+ X509_STORE_add_crl;
-+ X509_load_crl_file;
-+ EVP_rc2_40_cbc;
-+ EVP_rc4_40;
-+ EVP_CIPHER_CTX_init;
-+ HMAC;
-+ HMAC_Init;
-+ HMAC_Update;
-+ HMAC_Final;
-+ ERR_get_next_error_library;
-+ EVP_PKEY_cmp_parameters;
-+ HMAC_cleanup;
-+ BIO_ptr_ctrl;
-+ BIO_new_file_internal;
-+ BIO_new_fp_internal;
-+ BIO_s_file_internal;
-+ BN_BLINDING_convert;
-+ BN_BLINDING_invert;
-+ BN_BLINDING_update;
-+ RSA_blinding_on;
-+ RSA_blinding_off;
-+ i2t_ASN1_OBJECT;
-+ BN_BLINDING_new;
-+ BN_BLINDING_free;
-+ EVP_cast5_cbc;
-+ EVP_cast5_cfb64;
-+ EVP_cast5_ecb;
-+ EVP_cast5_ofb;
-+ BF_decrypt;
-+ CAST_set_key;
-+ CAST_encrypt;
-+ CAST_decrypt;
-+ CAST_ecb_encrypt;
-+ CAST_cbc_encrypt;
-+ CAST_cfb64_encrypt;
-+ CAST_ofb64_encrypt;
-+ RC2_decrypt;
-+ OBJ_create_objects;
-+ BN_exp;
-+ BN_mul_word;
-+ BN_sub_word;
-+ BN_dec2bn;
-+ BN_bn2dec;
-+ BIO_ghbn_ctrl;
-+ CRYPTO_free_ex_data;
-+ CRYPTO_get_ex_data;
-+ CRYPTO_set_ex_data;
-+ ERR_load_CRYPTO_strings;
-+ ERR_load_CRYPTOlib_strings;
-+ EVP_PKEY_bits;
-+ MD5_Transform;
-+ SHA1_Transform;
-+ SHA_Transform;
-+ X509_STORE_CTX_get_chain;
-+ X509_STORE_CTX_get_current_cert;
-+ X509_STORE_CTX_get_error;
-+ X509_STORE_CTX_get_error_depth;
-+ X509_STORE_CTX_get_ex_data;
-+ X509_STORE_CTX_set_cert;
-+ X509_STORE_CTX_set_chain;
-+ X509_STORE_CTX_set_error;
-+ X509_STORE_CTX_set_ex_data;
-+ CRYPTO_dup_ex_data;
-+ CRYPTO_get_new_lockid;
-+ CRYPTO_new_ex_data;
-+ RSA_set_ex_data;
-+ RSA_get_ex_data;
-+ RSA_get_ex_new_index;
-+ RSA_padding_add_PKCS1_type_1;
-+ RSA_padding_add_PKCS1_type_2;
-+ RSA_padding_add_SSLv23;
-+ RSA_padding_add_none;
-+ RSA_padding_check_PKCS1_type_1;
-+ RSA_padding_check_PKCS1_type_2;
-+ RSA_padding_check_SSLv23;
-+ RSA_padding_check_none;
-+ bn_add_words;
-+ d2i_Netscape_RSA_2;
-+ CRYPTO_get_ex_new_index;
-+ RIPEMD160_Init;
-+ RIPEMD160_Update;
-+ RIPEMD160_Final;
-+ RIPEMD160;
-+ RIPEMD160_Transform;
-+ RC5_32_set_key;
-+ RC5_32_ecb_encrypt;
-+ RC5_32_encrypt;
-+ RC5_32_decrypt;
-+ RC5_32_cbc_encrypt;
-+ RC5_32_cfb64_encrypt;
-+ RC5_32_ofb64_encrypt;
-+ BN_bn2mpi;
-+ BN_mpi2bn;
-+ ASN1_BIT_STRING_get_bit;
-+ ASN1_BIT_STRING_set_bit;
-+ BIO_get_ex_data;
-+ BIO_get_ex_new_index;
-+ BIO_set_ex_data;
-+ X509v3_get_key_usage;
-+ X509v3_set_key_usage;
-+ a2i_X509v3_key_usage;
-+ i2a_X509v3_key_usage;
-+ EVP_PKEY_decrypt;
-+ EVP_PKEY_encrypt;
-+ PKCS7_RECIP_INFO_set;
-+ PKCS7_add_recipient;
-+ PKCS7_add_recipient_info;
-+ PKCS7_set_cipher;
-+ ASN1_TYPE_get_int_octetstring;
-+ ASN1_TYPE_get_octetstring;
-+ ASN1_TYPE_set_int_octetstring;
-+ ASN1_TYPE_set_octetstring;
-+ ASN1_UTCTIME_set_string;
-+ ERR_add_error_data;
-+ ERR_set_error_data;
-+ EVP_CIPHER_asn1_to_param;
-+ EVP_CIPHER_param_to_asn1;
-+ EVP_CIPHER_get_asn1_iv;
-+ EVP_CIPHER_set_asn1_iv;
-+ EVP_rc5_32_12_16_cbc;
-+ EVP_rc5_32_12_16_cfb64;
-+ EVP_rc5_32_12_16_ecb;
-+ EVP_rc5_32_12_16_ofb;
-+ asn1_add_error;
-+ d2i_ASN1_BMPSTRING;
-+ i2d_ASN1_BMPSTRING;
-+ BIO_f_ber;
-+ BN_init;
-+ COMP_CTX_new;
-+ COMP_CTX_free;
-+ COMP_CTX_compress_block;
-+ COMP_CTX_expand_block;
-+ X509_STORE_CTX_get_ex_new_index;
-+ OBJ_NAME_add;
-+ BIO_socket_nbio;
-+ EVP_rc2_64_cbc;
-+ OBJ_NAME_cleanup;
-+ OBJ_NAME_get;
-+ OBJ_NAME_init;
-+ OBJ_NAME_new_index;
-+ OBJ_NAME_remove;
-+ BN_MONT_CTX_copy;
-+ BIO_new_socks4a_connect;
-+ BIO_s_socks4a_connect;
-+ PROXY_set_connect_mode;
-+ RAND_SSLeay;
-+ RAND_set_rand_method;
-+ RSA_memory_lock;
-+ bn_sub_words;
-+ bn_mul_normal;
-+ bn_mul_comba8;
-+ bn_mul_comba4;
-+ bn_sqr_normal;
-+ bn_sqr_comba8;
-+ bn_sqr_comba4;
-+ bn_cmp_words;
-+ bn_mul_recursive;
-+ bn_mul_part_recursive;
-+ bn_sqr_recursive;
-+ bn_mul_low_normal;
-+ BN_RECP_CTX_init;
-+ BN_RECP_CTX_new;
-+ BN_RECP_CTX_free;
-+ BN_RECP_CTX_set;
-+ BN_mod_mul_reciprocal;
-+ BN_mod_exp_recp;
-+ BN_div_recp;
-+ BN_CTX_init;
-+ BN_MONT_CTX_init;
-+ RAND_get_rand_method;
-+ PKCS7_add_attribute;
-+ PKCS7_add_signed_attribute;
-+ PKCS7_digest_from_attributes;
-+ PKCS7_get_attribute;
-+ PKCS7_get_issuer_and_serial;
-+ PKCS7_get_signed_attribute;
-+ COMP_compress_block;
-+ COMP_expand_block;
-+ COMP_rle;
-+ COMP_zlib;
-+ ms_time_diff;
-+ ms_time_new;
-+ ms_time_free;
-+ ms_time_cmp;
-+ ms_time_get;
-+ PKCS7_set_attributes;
-+ PKCS7_set_signed_attributes;
-+ X509_ATTRIBUTE_create;
-+ X509_ATTRIBUTE_dup;
-+ ASN1_GENERALIZEDTIME_check;
-+ ASN1_GENERALIZEDTIME_print;
-+ ASN1_GENERALIZEDTIME_set;
-+ ASN1_GENERALIZEDTIME_set_string;
-+ ASN1_TIME_print;
-+ BASIC_CONSTRAINTS_free;
-+ BASIC_CONSTRAINTS_new;
-+ ERR_load_X509V3_strings;
-+ NETSCAPE_CERT_SEQUENCE_free;
-+ NETSCAPE_CERT_SEQUENCE_new;
-+ OBJ_txt2obj;
-+ PEM_read_NETSCAPE_CERT_SEQUENCE;
-+ PEM_read_NS_CERT_SEQ;
-+ PEM_read_bio_NETSCAPE_CERT_SEQUENCE;
-+ PEM_read_bio_NS_CERT_SEQ;
-+ PEM_write_NETSCAPE_CERT_SEQUENCE;
-+ PEM_write_NS_CERT_SEQ;
-+ PEM_write_bio_NETSCAPE_CERT_SEQUENCE;
-+ PEM_write_bio_NS_CERT_SEQ;
-+ X509V3_EXT_add;
-+ X509V3_EXT_add_alias;
-+ X509V3_EXT_add_conf;
-+ X509V3_EXT_cleanup;
-+ X509V3_EXT_conf;
-+ X509V3_EXT_conf_nid;
-+ X509V3_EXT_get;
-+ X509V3_EXT_get_nid;
-+ X509V3_EXT_print;
-+ X509V3_EXT_print_fp;
-+ X509V3_add_standard_extensions;
-+ X509V3_add_value;
-+ X509V3_add_value_bool;
-+ X509V3_add_value_int;
-+ X509V3_conf_free;
-+ X509V3_get_value_bool;
-+ X509V3_get_value_int;
-+ X509V3_parse_list;
-+ d2i_ASN1_GENERALIZEDTIME;
-+ d2i_ASN1_TIME;
-+ d2i_BASIC_CONSTRAINTS;
-+ d2i_NETSCAPE_CERT_SEQUENCE;
-+ d2i_ext_ku;
-+ ext_ku_free;
-+ ext_ku_new;
-+ i2d_ASN1_GENERALIZEDTIME;
-+ i2d_ASN1_TIME;
-+ i2d_BASIC_CONSTRAINTS;
-+ i2d_NETSCAPE_CERT_SEQUENCE;
-+ i2d_ext_ku;
-+ EVP_MD_CTX_copy;
-+ i2d_ASN1_ENUMERATED;
-+ d2i_ASN1_ENUMERATED;
-+ ASN1_ENUMERATED_set;
-+ ASN1_ENUMERATED_get;
-+ BN_to_ASN1_ENUMERATED;
-+ ASN1_ENUMERATED_to_BN;
-+ i2a_ASN1_ENUMERATED;
-+ a2i_ASN1_ENUMERATED;
-+ i2d_GENERAL_NAME;
-+ d2i_GENERAL_NAME;
-+ GENERAL_NAME_new;
-+ GENERAL_NAME_free;
-+ GENERAL_NAMES_new;
-+ GENERAL_NAMES_free;
-+ d2i_GENERAL_NAMES;
-+ i2d_GENERAL_NAMES;
-+ i2v_GENERAL_NAMES;
-+ i2s_ASN1_OCTET_STRING;
-+ s2i_ASN1_OCTET_STRING;
-+ X509V3_EXT_check_conf;
-+ hex_to_string;
-+ string_to_hex;
-+ DES_ede3_cbcm_encrypt;
-+ RSA_padding_add_PKCS1_OAEP;
-+ RSA_padding_check_PKCS1_OAEP;
-+ X509_CRL_print_fp;
-+ X509_CRL_print;
-+ i2v_GENERAL_NAME;
-+ v2i_GENERAL_NAME;
-+ i2d_PKEY_USAGE_PERIOD;
-+ d2i_PKEY_USAGE_PERIOD;
-+ PKEY_USAGE_PERIOD_new;
-+ PKEY_USAGE_PERIOD_free;
-+ v2i_GENERAL_NAMES;
-+ i2s_ASN1_INTEGER;
-+ X509V3_EXT_d2i;
-+ name_cmp;
-+ str_dup;
-+ i2s_ASN1_ENUMERATED;
-+ i2s_ASN1_ENUMERATED_TABLE;
-+ BIO_s_log;
-+ BIO_f_reliable;
-+ PKCS7_dataFinal;
-+ PKCS7_dataDecode;
-+ X509V3_EXT_CRL_add_conf;
-+ BN_set_params;
-+ BN_get_params;
-+ BIO_get_ex_num;
-+ BIO_set_ex_free_func;
-+ EVP_ripemd160;
-+ ASN1_TIME_set;
-+ i2d_AUTHORITY_KEYID;
-+ d2i_AUTHORITY_KEYID;
-+ AUTHORITY_KEYID_new;
-+ AUTHORITY_KEYID_free;
-+ ASN1_seq_unpack;
-+ ASN1_seq_pack;
-+ ASN1_unpack_string;
-+ ASN1_pack_string;
-+ PKCS12_pack_safebag;
-+ PKCS12_MAKE_KEYBAG;
-+ PKCS8_encrypt;
-+ PKCS12_MAKE_SHKEYBAG;
-+ PKCS12_pack_p7data;
-+ PKCS12_pack_p7encdata;
-+ PKCS12_add_localkeyid;
-+ PKCS12_add_friendlyname_asc;
-+ PKCS12_add_friendlyname_uni;
-+ PKCS12_get_friendlyname;
-+ PKCS12_pbe_crypt;
-+ PKCS12_decrypt_d2i;
-+ PKCS12_i2d_encrypt;
-+ PKCS12_init;
-+ PKCS12_key_gen_asc;
-+ PKCS12_key_gen_uni;
-+ PKCS12_gen_mac;
-+ PKCS12_verify_mac;
-+ PKCS12_set_mac;
-+ PKCS12_setup_mac;
-+ OPENSSL_asc2uni;
-+ OPENSSL_uni2asc;
-+ i2d_PKCS12_BAGS;
-+ PKCS12_BAGS_new;
-+ d2i_PKCS12_BAGS;
-+ PKCS12_BAGS_free;
-+ i2d_PKCS12;
-+ d2i_PKCS12;
-+ PKCS12_new;
-+ PKCS12_free;
-+ i2d_PKCS12_MAC_DATA;
-+ PKCS12_MAC_DATA_new;
-+ d2i_PKCS12_MAC_DATA;
-+ PKCS12_MAC_DATA_free;
-+ i2d_PKCS12_SAFEBAG;
-+ PKCS12_SAFEBAG_new;
-+ d2i_PKCS12_SAFEBAG;
-+ PKCS12_SAFEBAG_free;
-+ ERR_load_PKCS12_strings;
-+ PKCS12_PBE_add;
-+ PKCS8_add_keyusage;
-+ PKCS12_get_attr_gen;
-+ PKCS12_parse;
-+ PKCS12_create;
-+ i2d_PKCS12_bio;
-+ i2d_PKCS12_fp;
-+ d2i_PKCS12_bio;
-+ d2i_PKCS12_fp;
-+ i2d_PBEPARAM;
-+ PBEPARAM_new;
-+ d2i_PBEPARAM;
-+ PBEPARAM_free;
-+ i2d_PKCS8_PRIV_KEY_INFO;
-+ PKCS8_PRIV_KEY_INFO_new;
-+ d2i_PKCS8_PRIV_KEY_INFO;
-+ PKCS8_PRIV_KEY_INFO_free;
-+ EVP_PKCS82PKEY;
-+ EVP_PKEY2PKCS8;
-+ PKCS8_set_broken;
-+ EVP_PBE_ALGOR_CipherInit;
-+ EVP_PBE_alg_add;
-+ PKCS5_pbe_set;
-+ EVP_PBE_cleanup;
-+ i2d_SXNET;
-+ d2i_SXNET;
-+ SXNET_new;
-+ SXNET_free;
-+ i2d_SXNETID;
-+ d2i_SXNETID;
-+ SXNETID_new;
-+ SXNETID_free;
-+ DSA_SIG_new;
-+ DSA_SIG_free;
-+ DSA_do_sign;
-+ DSA_do_verify;
-+ d2i_DSA_SIG;
-+ i2d_DSA_SIG;
-+ i2d_ASN1_VISIBLESTRING;
-+ d2i_ASN1_VISIBLESTRING;
-+ i2d_ASN1_UTF8STRING;
-+ d2i_ASN1_UTF8STRING;
-+ i2d_DIRECTORYSTRING;
-+ d2i_DIRECTORYSTRING;
-+ i2d_DISPLAYTEXT;
-+ d2i_DISPLAYTEXT;
-+ d2i_ASN1_SET_OF_X509;
-+ i2d_ASN1_SET_OF_X509;
-+ i2d_PBKDF2PARAM;
-+ PBKDF2PARAM_new;
-+ d2i_PBKDF2PARAM;
-+ PBKDF2PARAM_free;
-+ i2d_PBE2PARAM;
-+ PBE2PARAM_new;
-+ d2i_PBE2PARAM;
-+ PBE2PARAM_free;
-+ d2i_ASN1_SET_OF_GENERAL_NAME;
-+ i2d_ASN1_SET_OF_GENERAL_NAME;
-+ d2i_ASN1_SET_OF_SXNETID;
-+ i2d_ASN1_SET_OF_SXNETID;
-+ d2i_ASN1_SET_OF_POLICYQUALINFO;
-+ i2d_ASN1_SET_OF_POLICYQUALINFO;
-+ d2i_ASN1_SET_OF_POLICYINFO;
-+ i2d_ASN1_SET_OF_POLICYINFO;
-+ SXNET_add_id_asc;
-+ SXNET_add_id_ulong;
-+ SXNET_add_id_INTEGER;
-+ SXNET_get_id_asc;
-+ SXNET_get_id_ulong;
-+ SXNET_get_id_INTEGER;
-+ X509V3_set_conf_lhash;
-+ i2d_CERTIFICATEPOLICIES;
-+ CERTIFICATEPOLICIES_new;
-+ CERTIFICATEPOLICIES_free;
-+ d2i_CERTIFICATEPOLICIES;
-+ i2d_POLICYINFO;
-+ POLICYINFO_new;
-+ d2i_POLICYINFO;
-+ POLICYINFO_free;
-+ i2d_POLICYQUALINFO;
-+ POLICYQUALINFO_new;
-+ d2i_POLICYQUALINFO;
-+ POLICYQUALINFO_free;
-+ i2d_USERNOTICE;
-+ USERNOTICE_new;
-+ d2i_USERNOTICE;
-+ USERNOTICE_free;
-+ i2d_NOTICEREF;
-+ NOTICEREF_new;
-+ d2i_NOTICEREF;
-+ NOTICEREF_free;
-+ X509V3_get_string;
-+ X509V3_get_section;
-+ X509V3_string_free;
-+ X509V3_section_free;
-+ X509V3_set_ctx;
-+ s2i_ASN1_INTEGER;
-+ CRYPTO_set_locked_mem_functions;
-+ CRYPTO_get_locked_mem_functions;
-+ CRYPTO_malloc_locked;
-+ CRYPTO_free_locked;
-+ BN_mod_exp2_mont;
-+ ERR_get_error_line_data;
-+ ERR_peek_error_line_data;
-+ PKCS12_PBE_keyivgen;
-+ X509_ALGOR_dup;
-+ d2i_ASN1_SET_OF_DIST_POINT;
-+ i2d_ASN1_SET_OF_DIST_POINT;
-+ i2d_CRL_DIST_POINTS;
-+ CRL_DIST_POINTS_new;
-+ CRL_DIST_POINTS_free;
-+ d2i_CRL_DIST_POINTS;
-+ i2d_DIST_POINT;
-+ DIST_POINT_new;
-+ d2i_DIST_POINT;
-+ DIST_POINT_free;
-+ i2d_DIST_POINT_NAME;
-+ DIST_POINT_NAME_new;
-+ DIST_POINT_NAME_free;
-+ d2i_DIST_POINT_NAME;
-+ X509V3_add_value_uchar;
-+ d2i_ASN1_SET_OF_X509_ATTRIBUTE;
-+ i2d_ASN1_SET_OF_ASN1_TYPE;
-+ d2i_ASN1_SET_OF_X509_EXTENSION;
-+ d2i_ASN1_SET_OF_X509_NAME_ENTRY;
-+ d2i_ASN1_SET_OF_ASN1_TYPE;
-+ i2d_ASN1_SET_OF_X509_ATTRIBUTE;
-+ i2d_ASN1_SET_OF_X509_EXTENSION;
-+ i2d_ASN1_SET_OF_X509_NAME_ENTRY;
-+ X509V3_EXT_i2d;
-+ X509V3_EXT_val_prn;
-+ X509V3_EXT_add_list;
-+ EVP_CIPHER_type;
-+ EVP_PBE_CipherInit;
-+ X509V3_add_value_bool_nf;
-+ d2i_ASN1_UINTEGER;
-+ sk_value;
-+ sk_num;
-+ sk_set;
-+ i2d_ASN1_SET_OF_X509_REVOKED;
-+ sk_sort;
-+ d2i_ASN1_SET_OF_X509_REVOKED;
-+ i2d_ASN1_SET_OF_X509_ALGOR;
-+ i2d_ASN1_SET_OF_X509_CRL;
-+ d2i_ASN1_SET_OF_X509_ALGOR;
-+ d2i_ASN1_SET_OF_X509_CRL;
-+ i2d_ASN1_SET_OF_PKCS7_SIGNER_INFO;
-+ i2d_ASN1_SET_OF_PKCS7_RECIP_INFO;
-+ d2i_ASN1_SET_OF_PKCS7_SIGNER_INFO;
-+ d2i_ASN1_SET_OF_PKCS7_RECIP_INFO;
-+ PKCS5_PBE_add;
-+ PEM_write_bio_PKCS8;
-+ i2d_PKCS8_fp;
-+ PEM_read_bio_PKCS8_PRIV_KEY_INFO;
-+ PEM_read_bio_P8_PRIV_KEY_INFO;
-+ d2i_PKCS8_bio;
-+ d2i_PKCS8_PRIV_KEY_INFO_fp;
-+ PEM_write_bio_PKCS8_PRIV_KEY_INFO;
-+ PEM_write_bio_P8_PRIV_KEY_INFO;
-+ PEM_read_PKCS8;
-+ d2i_PKCS8_PRIV_KEY_INFO_bio;
-+ d2i_PKCS8_fp;
-+ PEM_write_PKCS8;
-+ PEM_read_PKCS8_PRIV_KEY_INFO;
-+ PEM_read_P8_PRIV_KEY_INFO;
-+ PEM_read_bio_PKCS8;
-+ PEM_write_PKCS8_PRIV_KEY_INFO;
-+ PEM_write_P8_PRIV_KEY_INFO;
-+ PKCS5_PBE_keyivgen;
-+ i2d_PKCS8_bio;
-+ i2d_PKCS8_PRIV_KEY_INFO_fp;
-+ i2d_PKCS8_PRIV_KEY_INFO_bio;
-+ BIO_s_bio;
-+ PKCS5_pbe2_set;
-+ PKCS5_PBKDF2_HMAC_SHA1;
-+ PKCS5_v2_PBE_keyivgen;
-+ PEM_write_bio_PKCS8PrivateKey;
-+ PEM_write_PKCS8PrivateKey;
-+ BIO_ctrl_get_read_request;
-+ BIO_ctrl_pending;
-+ BIO_ctrl_wpending;
-+ BIO_new_bio_pair;
-+ BIO_ctrl_get_write_guarantee;
-+ CRYPTO_num_locks;
-+ CONF_load_bio;
-+ CONF_load_fp;
-+ i2d_ASN1_SET_OF_ASN1_OBJECT;
-+ d2i_ASN1_SET_OF_ASN1_OBJECT;
-+ PKCS7_signatureVerify;
-+ RSA_set_method;
-+ RSA_get_method;
-+ RSA_get_default_method;
-+ RSA_check_key;
-+ OBJ_obj2txt;
-+ DSA_dup_DH;
-+ X509_REQ_get_extensions;
-+ X509_REQ_set_extension_nids;
-+ BIO_nwrite;
-+ X509_REQ_extension_nid;
-+ BIO_nread;
-+ X509_REQ_get_extension_nids;
-+ BIO_nwrite0;
-+ X509_REQ_add_extensions_nid;
-+ BIO_nread0;
-+ X509_REQ_add_extensions;
-+ BIO_new_mem_buf;
-+ DH_set_ex_data;
-+ DH_set_method;
-+ DSA_OpenSSL;
-+ DH_get_ex_data;
-+ DH_get_ex_new_index;
-+ DSA_new_method;
-+ DH_new_method;
-+ DH_OpenSSL;
-+ DSA_get_ex_new_index;
-+ DH_get_default_method;
-+ DSA_set_ex_data;
-+ DH_set_default_method;
-+ DSA_get_ex_data;
-+ X509V3_EXT_REQ_add_conf;
-+ NETSCAPE_SPKI_print;
-+ NETSCAPE_SPKI_set_pubkey;
-+ NETSCAPE_SPKI_b64_encode;
-+ NETSCAPE_SPKI_get_pubkey;
-+ NETSCAPE_SPKI_b64_decode;
-+ UTF8_putc;
-+ UTF8_getc;
-+ RSA_null_method;
-+ ASN1_tag2str;
-+ BIO_ctrl_reset_read_request;
-+ DISPLAYTEXT_new;
-+ ASN1_GENERALIZEDTIME_free;
-+ X509_REVOKED_get_ext_d2i;
-+ X509_set_ex_data;
-+ X509_reject_set_bit_asc;
-+ X509_NAME_add_entry_by_txt;
-+ X509_NAME_add_entry_by_NID;
-+ X509_PURPOSE_get0;
-+ PEM_read_X509_AUX;
-+ d2i_AUTHORITY_INFO_ACCESS;
-+ PEM_write_PUBKEY;
-+ ACCESS_DESCRIPTION_new;
-+ X509_CERT_AUX_free;
-+ d2i_ACCESS_DESCRIPTION;
-+ X509_trust_clear;
-+ X509_TRUST_add;
-+ ASN1_VISIBLESTRING_new;
-+ X509_alias_set1;
-+ ASN1_PRINTABLESTRING_free;
-+ EVP_PKEY_get1_DSA;
-+ ASN1_BMPSTRING_new;
-+ ASN1_mbstring_copy;
-+ ASN1_UTF8STRING_new;
-+ DSA_get_default_method;
-+ i2d_ASN1_SET_OF_ACCESS_DESCRIPTION;
-+ ASN1_T61STRING_free;
-+ DSA_set_method;
-+ X509_get_ex_data;
-+ ASN1_STRING_type;
-+ X509_PURPOSE_get_by_sname;
-+ ASN1_TIME_free;
-+ ASN1_OCTET_STRING_cmp;
-+ ASN1_BIT_STRING_new;
-+ X509_get_ext_d2i;
-+ PEM_read_bio_X509_AUX;
-+ ASN1_STRING_set_default_mask_asc;
-+ ASN1_STRING_set_def_mask_asc;
-+ PEM_write_bio_RSA_PUBKEY;
-+ ASN1_INTEGER_cmp;
-+ d2i_RSA_PUBKEY_fp;
-+ X509_trust_set_bit_asc;
-+ PEM_write_bio_DSA_PUBKEY;
-+ X509_STORE_CTX_free;
-+ EVP_PKEY_set1_DSA;
-+ i2d_DSA_PUBKEY_fp;
-+ X509_load_cert_crl_file;
-+ ASN1_TIME_new;
-+ i2d_RSA_PUBKEY;
-+ X509_STORE_CTX_purpose_inherit;
-+ PEM_read_RSA_PUBKEY;
-+ d2i_X509_AUX;
-+ i2d_DSA_PUBKEY;
-+ X509_CERT_AUX_print;
-+ PEM_read_DSA_PUBKEY;
-+ i2d_RSA_PUBKEY_bio;
-+ ASN1_BIT_STRING_num_asc;
-+ i2d_PUBKEY;
-+ ASN1_UTCTIME_free;
-+ DSA_set_default_method;
-+ X509_PURPOSE_get_by_id;
-+ ACCESS_DESCRIPTION_free;
-+ PEM_read_bio_PUBKEY;
-+ ASN1_STRING_set_by_NID;
-+ X509_PURPOSE_get_id;
-+ DISPLAYTEXT_free;
-+ OTHERNAME_new;
-+ X509_CERT_AUX_new;
-+ X509_TRUST_cleanup;
-+ X509_NAME_add_entry_by_OBJ;
-+ X509_CRL_get_ext_d2i;
-+ X509_PURPOSE_get0_name;
-+ PEM_read_PUBKEY;
-+ i2d_DSA_PUBKEY_bio;
-+ i2d_OTHERNAME;
-+ ASN1_OCTET_STRING_free;
-+ ASN1_BIT_STRING_set_asc;
-+ X509_get_ex_new_index;
-+ ASN1_STRING_TABLE_cleanup;
-+ X509_TRUST_get_by_id;
-+ X509_PURPOSE_get_trust;
-+ ASN1_STRING_length;
-+ d2i_ASN1_SET_OF_ACCESS_DESCRIPTION;
-+ ASN1_PRINTABLESTRING_new;
-+ X509V3_get_d2i;
-+ ASN1_ENUMERATED_free;
-+ i2d_X509_CERT_AUX;
-+ X509_STORE_CTX_set_trust;
-+ ASN1_STRING_set_default_mask;
-+ X509_STORE_CTX_new;
-+ EVP_PKEY_get1_RSA;
-+ DIRECTORYSTRING_free;
-+ PEM_write_X509_AUX;
-+ ASN1_OCTET_STRING_set;
-+ d2i_DSA_PUBKEY_fp;
-+ d2i_RSA_PUBKEY;
-+ X509_TRUST_get0_name;
-+ X509_TRUST_get0;
-+ AUTHORITY_INFO_ACCESS_free;
-+ ASN1_IA5STRING_new;
-+ d2i_DSA_PUBKEY;
-+ X509_check_purpose;
-+ ASN1_ENUMERATED_new;
-+ d2i_RSA_PUBKEY_bio;
-+ d2i_PUBKEY;
-+ X509_TRUST_get_trust;
-+ X509_TRUST_get_flags;
-+ ASN1_BMPSTRING_free;
-+ ASN1_T61STRING_new;
-+ ASN1_UTCTIME_new;
-+ i2d_AUTHORITY_INFO_ACCESS;
-+ EVP_PKEY_set1_RSA;
-+ X509_STORE_CTX_set_purpose;
-+ ASN1_IA5STRING_free;
-+ PEM_write_bio_X509_AUX;
-+ X509_PURPOSE_get_count;
-+ CRYPTO_add_info;
-+ X509_NAME_ENTRY_create_by_txt;
-+ ASN1_STRING_get_default_mask;
-+ X509_alias_get0;
-+ ASN1_STRING_data;
-+ i2d_ACCESS_DESCRIPTION;
-+ X509_trust_set_bit;
-+ ASN1_BIT_STRING_free;
-+ PEM_read_bio_RSA_PUBKEY;
-+ X509_add1_reject_object;
-+ X509_check_trust;
-+ PEM_read_bio_DSA_PUBKEY;
-+ X509_PURPOSE_add;
-+ ASN1_STRING_TABLE_get;
-+ ASN1_UTF8STRING_free;
-+ d2i_DSA_PUBKEY_bio;
-+ PEM_write_RSA_PUBKEY;
-+ d2i_OTHERNAME;
-+ X509_reject_set_bit;
-+ PEM_write_DSA_PUBKEY;
-+ X509_PURPOSE_get0_sname;
-+ EVP_PKEY_set1_DH;
-+ ASN1_OCTET_STRING_dup;
-+ ASN1_BIT_STRING_set;
-+ X509_TRUST_get_count;
-+ ASN1_INTEGER_free;
-+ OTHERNAME_free;
-+ i2d_RSA_PUBKEY_fp;
-+ ASN1_INTEGER_dup;
-+ d2i_X509_CERT_AUX;
-+ PEM_write_bio_PUBKEY;
-+ ASN1_VISIBLESTRING_free;
-+ X509_PURPOSE_cleanup;
-+ ASN1_mbstring_ncopy;
-+ ASN1_GENERALIZEDTIME_new;
-+ EVP_PKEY_get1_DH;
-+ ASN1_OCTET_STRING_new;
-+ ASN1_INTEGER_new;
-+ i2d_X509_AUX;
-+ ASN1_BIT_STRING_name_print;
-+ X509_cmp;
-+ ASN1_STRING_length_set;
-+ DIRECTORYSTRING_new;
-+ X509_add1_trust_object;
-+ PKCS12_newpass;
-+ SMIME_write_PKCS7;
-+ SMIME_read_PKCS7;
-+ DES_set_key_checked;
-+ PKCS7_verify;
-+ PKCS7_encrypt;
-+ DES_set_key_unchecked;
-+ SMIME_crlf_copy;
-+ i2d_ASN1_PRINTABLESTRING;
-+ PKCS7_get0_signers;
-+ PKCS7_decrypt;
-+ SMIME_text;
-+ PKCS7_simple_smimecap;
-+ PKCS7_get_smimecap;
-+ PKCS7_sign;
-+ PKCS7_add_attrib_smimecap;
-+ CRYPTO_dbg_set_options;
-+ CRYPTO_remove_all_info;
-+ CRYPTO_get_mem_debug_functions;
-+ CRYPTO_is_mem_check_on;
-+ CRYPTO_set_mem_debug_functions;
-+ CRYPTO_pop_info;
-+ CRYPTO_push_info_;
-+ CRYPTO_set_mem_debug_options;
-+ PEM_write_PKCS8PrivateKey_nid;
-+ PEM_write_bio_PKCS8PrivateKey_nid;
-+ PEM_write_bio_PKCS8PrivKey_nid;
-+ d2i_PKCS8PrivateKey_bio;
-+ ASN1_NULL_free;
-+ d2i_ASN1_NULL;
-+ ASN1_NULL_new;
-+ i2d_PKCS8PrivateKey_bio;
-+ i2d_PKCS8PrivateKey_fp;
-+ i2d_ASN1_NULL;
-+ i2d_PKCS8PrivateKey_nid_fp;
-+ d2i_PKCS8PrivateKey_fp;
-+ i2d_PKCS8PrivateKey_nid_bio;
-+ i2d_PKCS8PrivateKeyInfo_fp;
-+ i2d_PKCS8PrivateKeyInfo_bio;
-+ PEM_cb;
-+ i2d_PrivateKey_fp;
-+ d2i_PrivateKey_bio;
-+ d2i_PrivateKey_fp;
-+ i2d_PrivateKey_bio;
-+ X509_reject_clear;
-+ X509_TRUST_set_default;
-+ d2i_AutoPrivateKey;
-+ X509_ATTRIBUTE_get0_type;
-+ X509_ATTRIBUTE_set1_data;
-+ X509at_get_attr;
-+ X509at_get_attr_count;
-+ X509_ATTRIBUTE_create_by_NID;
-+ X509_ATTRIBUTE_set1_object;
-+ X509_ATTRIBUTE_count;
-+ X509_ATTRIBUTE_create_by_OBJ;
-+ X509_ATTRIBUTE_get0_object;
-+ X509at_get_attr_by_NID;
-+ X509at_add1_attr;
-+ X509_ATTRIBUTE_get0_data;
-+ X509at_delete_attr;
-+ X509at_get_attr_by_OBJ;
-+ RAND_add;
-+ BIO_number_written;
-+ BIO_number_read;
-+ X509_STORE_CTX_get1_chain;
-+ ERR_load_RAND_strings;
-+ RAND_pseudo_bytes;
-+ X509_REQ_get_attr_by_NID;
-+ X509_REQ_get_attr;
-+ X509_REQ_add1_attr_by_NID;
-+ X509_REQ_get_attr_by_OBJ;
-+ X509at_add1_attr_by_NID;
-+ X509_REQ_add1_attr_by_OBJ;
-+ X509_REQ_get_attr_count;
-+ X509_REQ_add1_attr;
-+ X509_REQ_delete_attr;
-+ X509at_add1_attr_by_OBJ;
-+ X509_REQ_add1_attr_by_txt;
-+ X509_ATTRIBUTE_create_by_txt;
-+ X509at_add1_attr_by_txt;
-+ BN_pseudo_rand;
-+ BN_is_prime_fasttest;
-+ BN_CTX_end;
-+ BN_CTX_start;
-+ BN_CTX_get;
-+ EVP_PKEY2PKCS8_broken;
-+ ASN1_STRING_TABLE_add;
-+ CRYPTO_dbg_get_options;
-+ AUTHORITY_INFO_ACCESS_new;
-+ CRYPTO_get_mem_debug_options;
-+ DES_crypt;
-+ PEM_write_bio_X509_REQ_NEW;
-+ PEM_write_X509_REQ_NEW;
-+ BIO_callback_ctrl;
-+ RAND_egd;
-+ RAND_status;
-+ bn_dump1;
-+ DES_check_key_parity;
-+ lh_num_items;
-+ RAND_event;
-+ DSO_new;
-+ DSO_new_method;
-+ DSO_free;
-+ DSO_flags;
-+ DSO_up;
-+ DSO_set_default_method;
-+ DSO_get_default_method;
-+ DSO_get_method;
-+ DSO_set_method;
-+ DSO_load;
-+ DSO_bind_var;
-+ DSO_METHOD_null;
-+ DSO_METHOD_openssl;
-+ DSO_METHOD_dlfcn;
-+ DSO_METHOD_win32;
-+ ERR_load_DSO_strings;
-+ DSO_METHOD_dl;
-+ NCONF_load;
-+ NCONF_load_fp;
-+ NCONF_new;
-+ NCONF_get_string;
-+ NCONF_free;
-+ NCONF_get_number;
-+ CONF_dump_fp;
-+ NCONF_load_bio;
-+ NCONF_dump_fp;
-+ NCONF_get_section;
-+ NCONF_dump_bio;
-+ CONF_dump_bio;
-+ NCONF_free_data;
-+ CONF_set_default_method;
-+ ERR_error_string_n;
-+ BIO_snprintf;
-+ DSO_ctrl;
-+ i2d_ASN1_SET_OF_ASN1_INTEGER;
-+ i2d_ASN1_SET_OF_PKCS12_SAFEBAG;
-+ i2d_ASN1_SET_OF_PKCS7;
-+ BIO_vfree;
-+ d2i_ASN1_SET_OF_ASN1_INTEGER;
-+ d2i_ASN1_SET_OF_PKCS12_SAFEBAG;
-+ ASN1_UTCTIME_get;
-+ X509_REQ_digest;
-+ X509_CRL_digest;
-+ d2i_ASN1_SET_OF_PKCS7;
-+ EVP_CIPHER_CTX_set_key_length;
-+ EVP_CIPHER_CTX_ctrl;
-+ BN_mod_exp_mont_word;
-+ RAND_egd_bytes;
-+ X509_REQ_get1_email;
-+ X509_get1_email;
-+ X509_email_free;
-+ i2d_RSA_NET;
-+ d2i_RSA_NET_2;
-+ d2i_RSA_NET;
-+ DSO_bind_func;
-+ CRYPTO_get_new_dynlockid;
-+ sk_new_null;
-+ CRYPTO_set_dynlock_destroy_callback;
-+ CRYPTO_set_dynlock_destroy_cb;
-+ CRYPTO_destroy_dynlockid;
-+ CRYPTO_set_dynlock_size;
-+ CRYPTO_set_dynlock_create_callback;
-+ CRYPTO_set_dynlock_create_cb;
-+ CRYPTO_set_dynlock_lock_callback;
-+ CRYPTO_set_dynlock_lock_cb;
-+ CRYPTO_get_dynlock_lock_callback;
-+ CRYPTO_get_dynlock_lock_cb;
-+ CRYPTO_get_dynlock_destroy_callback;
-+ CRYPTO_get_dynlock_destroy_cb;
-+ CRYPTO_get_dynlock_value;
-+ CRYPTO_get_dynlock_create_callback;
-+ CRYPTO_get_dynlock_create_cb;
-+ c2i_ASN1_BIT_STRING;
-+ i2c_ASN1_BIT_STRING;
-+ RAND_poll;
-+ c2i_ASN1_INTEGER;
-+ i2c_ASN1_INTEGER;
-+ BIO_dump_indent;
-+ ASN1_parse_dump;
-+ c2i_ASN1_OBJECT;
-+ X509_NAME_print_ex_fp;
-+ ASN1_STRING_print_ex_fp;
-+ X509_NAME_print_ex;
-+ ASN1_STRING_print_ex;
-+ MD4;
-+ MD4_Transform;
-+ MD4_Final;
-+ MD4_Update;
-+ MD4_Init;
-+ EVP_md4;
-+ i2d_PUBKEY_bio;
-+ i2d_PUBKEY_fp;
-+ d2i_PUBKEY_bio;
-+ ASN1_STRING_to_UTF8;
-+ BIO_vprintf;
-+ BIO_vsnprintf;
-+ d2i_PUBKEY_fp;
-+ X509_cmp_time;
-+ X509_STORE_CTX_set_time;
-+ X509_STORE_CTX_get1_issuer;
-+ X509_OBJECT_retrieve_match;
-+ X509_OBJECT_idx_by_subject;
-+ X509_STORE_CTX_set_flags;
-+ X509_STORE_CTX_trusted_stack;
-+ X509_time_adj;
-+ X509_check_issued;
-+ ASN1_UTCTIME_cmp_time_t;
-+ DES_set_weak_key_flag;
-+ DES_check_key;
-+ DES_rw_mode;
-+ RSA_PKCS1_RSAref;
-+ X509_keyid_set1;
-+ BIO_next;
-+ DSO_METHOD_vms;
-+ BIO_f_linebuffer;
-+ BN_bntest_rand;
-+ OPENSSL_issetugid;
-+ BN_rand_range;
-+ ERR_load_ENGINE_strings;
-+ ENGINE_set_DSA;
-+ ENGINE_get_finish_function;
-+ ENGINE_get_default_RSA;
-+ ENGINE_get_BN_mod_exp;
-+ DSA_get_default_openssl_method;
-+ ENGINE_set_DH;
-+ ENGINE_set_def_BN_mod_exp_crt;
-+ ENGINE_set_default_BN_mod_exp_crt;
-+ ENGINE_init;
-+ DH_get_default_openssl_method;
-+ RSA_set_default_openssl_method;
-+ ENGINE_finish;
-+ ENGINE_load_public_key;
-+ ENGINE_get_DH;
-+ ENGINE_ctrl;
-+ ENGINE_get_init_function;
-+ ENGINE_set_init_function;
-+ ENGINE_set_default_DSA;
-+ ENGINE_get_name;
-+ ENGINE_get_last;
-+ ENGINE_get_prev;
-+ ENGINE_get_default_DH;
-+ ENGINE_get_RSA;
-+ ENGINE_set_default;
-+ ENGINE_get_RAND;
-+ ENGINE_get_first;
-+ ENGINE_by_id;
-+ ENGINE_set_finish_function;
-+ ENGINE_get_def_BN_mod_exp_crt;
-+ ENGINE_get_default_BN_mod_exp_crt;
-+ RSA_get_default_openssl_method;
-+ ENGINE_set_RSA;
-+ ENGINE_load_private_key;
-+ ENGINE_set_default_RAND;
-+ ENGINE_set_BN_mod_exp;
-+ ENGINE_remove;
-+ ENGINE_free;
-+ ENGINE_get_BN_mod_exp_crt;
-+ ENGINE_get_next;
-+ ENGINE_set_name;
-+ ENGINE_get_default_DSA;
-+ ENGINE_set_default_BN_mod_exp;
-+ ENGINE_set_default_RSA;
-+ ENGINE_get_default_RAND;
-+ ENGINE_get_default_BN_mod_exp;
-+ ENGINE_set_RAND;
-+ ENGINE_set_id;
-+ ENGINE_set_BN_mod_exp_crt;
-+ ENGINE_set_default_DH;
-+ ENGINE_new;
-+ ENGINE_get_id;
-+ DSA_set_default_openssl_method;
-+ ENGINE_add;
-+ DH_set_default_openssl_method;
-+ ENGINE_get_DSA;
-+ ENGINE_get_ctrl_function;
-+ ENGINE_set_ctrl_function;
-+ BN_pseudo_rand_range;
-+ X509_STORE_CTX_set_verify_cb;
-+ ERR_load_COMP_strings;
-+ PKCS12_item_decrypt_d2i;
-+ ASN1_UTF8STRING_it;
-+ ASN1_UTF8STRING_it;
-+ ENGINE_unregister_ciphers;
-+ ENGINE_get_ciphers;
-+ d2i_OCSP_BASICRESP;
-+ KRB5_CHECKSUM_it;
-+ KRB5_CHECKSUM_it;
-+ EC_POINT_add;
-+ ASN1_item_ex_i2d;
-+ OCSP_CERTID_it;
-+ OCSP_CERTID_it;
-+ d2i_OCSP_RESPBYTES;
-+ X509V3_add1_i2d;
-+ PKCS7_ENVELOPE_it;
-+ PKCS7_ENVELOPE_it;
-+ UI_add_input_boolean;
-+ ENGINE_unregister_RSA;
-+ X509V3_EXT_nconf;
-+ ASN1_GENERALSTRING_free;
-+ d2i_OCSP_CERTSTATUS;
-+ X509_REVOKED_set_serialNumber;
-+ X509_print_ex;
-+ OCSP_ONEREQ_get1_ext_d2i;
-+ ENGINE_register_all_RAND;
-+ ENGINE_load_dynamic;
-+ PBKDF2PARAM_it;
-+ PBKDF2PARAM_it;
-+ EXTENDED_KEY_USAGE_new;
-+ EC_GROUP_clear_free;
-+ OCSP_sendreq_bio;
-+ ASN1_item_digest;
-+ OCSP_BASICRESP_delete_ext;
-+ OCSP_SIGNATURE_it;
-+ OCSP_SIGNATURE_it;
-+ X509_CRL_it;
-+ X509_CRL_it;
-+ OCSP_BASICRESP_add_ext;
-+ KRB5_ENCKEY_it;
-+ KRB5_ENCKEY_it;
-+ UI_method_set_closer;
-+ X509_STORE_set_purpose;
-+ i2d_ASN1_GENERALSTRING;
-+ OCSP_response_status;
-+ i2d_OCSP_SERVICELOC;
-+ ENGINE_get_digest_engine;
-+ EC_GROUP_set_curve_GFp;
-+ OCSP_REQUEST_get_ext_by_OBJ;
-+ _ossl_old_des_random_key;
-+ ASN1_T61STRING_it;
-+ ASN1_T61STRING_it;
-+ EC_GROUP_method_of;
-+ i2d_KRB5_APREQ;
-+ _ossl_old_des_encrypt;
-+ ASN1_PRINTABLE_new;
-+ HMAC_Init_ex;
-+ d2i_KRB5_AUTHENT;
-+ OCSP_archive_cutoff_new;
-+ EC_POINT_set_Jprojective_coordinates_GFp;
-+ EC_POINT_set_Jproj_coords_GFp;
-+ _ossl_old_des_is_weak_key;
-+ OCSP_BASICRESP_get_ext_by_OBJ;
-+ EC_POINT_oct2point;
-+ OCSP_SINGLERESP_get_ext_count;
-+ UI_ctrl;
-+ _shadow_DES_rw_mode;
-+ _shadow_DES_rw_mode;
-+ asn1_do_adb;
-+ ASN1_template_i2d;
-+ ENGINE_register_DH;
-+ UI_construct_prompt;
-+ X509_STORE_set_trust;
-+ UI_dup_input_string;
-+ d2i_KRB5_APREQ;
-+ EVP_MD_CTX_copy_ex;
-+ OCSP_request_is_signed;
-+ i2d_OCSP_REQINFO;
-+ KRB5_ENCKEY_free;
-+ OCSP_resp_get0;
-+ GENERAL_NAME_it;
-+ GENERAL_NAME_it;
-+ ASN1_GENERALIZEDTIME_it;
-+ ASN1_GENERALIZEDTIME_it;
-+ X509_STORE_set_flags;
-+ EC_POINT_set_compressed_coordinates_GFp;
-+ EC_POINT_set_compr_coords_GFp;
-+ OCSP_response_status_str;
-+ d2i_OCSP_REVOKEDINFO;
-+ OCSP_basic_add1_cert;
-+ ERR_get_implementation;
-+ EVP_CipherFinal_ex;
-+ OCSP_CERTSTATUS_new;
-+ CRYPTO_cleanup_all_ex_data;
-+ OCSP_resp_find;
-+ BN_nnmod;
-+ X509_CRL_sort;
-+ X509_REVOKED_set_revocationDate;
-+ ENGINE_register_RAND;
-+ OCSP_SERVICELOC_new;
-+ EC_POINT_set_affine_coordinates_GFp;
-+ EC_POINT_set_affine_coords_GFp;
-+ _ossl_old_des_options;
-+ SXNET_it;
-+ SXNET_it;
-+ UI_dup_input_boolean;
-+ PKCS12_add_CSPName_asc;
-+ EC_POINT_is_at_infinity;
-+ ENGINE_load_cryptodev;
-+ DSO_convert_filename;
-+ POLICYQUALINFO_it;
-+ POLICYQUALINFO_it;
-+ ENGINE_register_ciphers;
-+ BN_mod_lshift_quick;
-+ DSO_set_filename;
-+ ASN1_item_free;
-+ KRB5_TKTBODY_free;
-+ AUTHORITY_KEYID_it;
-+ AUTHORITY_KEYID_it;
-+ KRB5_APREQBODY_new;
-+ X509V3_EXT_REQ_add_nconf;
-+ ENGINE_ctrl_cmd_string;
-+ i2d_OCSP_RESPDATA;
-+ EVP_MD_CTX_init;
-+ EXTENDED_KEY_USAGE_free;
-+ PKCS7_ATTR_SIGN_it;
-+ PKCS7_ATTR_SIGN_it;
-+ UI_add_error_string;
-+ KRB5_CHECKSUM_free;
-+ OCSP_REQUEST_get_ext;
-+ ENGINE_load_ubsec;
-+ ENGINE_register_all_digests;
-+ PKEY_USAGE_PERIOD_it;
-+ PKEY_USAGE_PERIOD_it;
-+ PKCS12_unpack_authsafes;
-+ ASN1_item_unpack;
-+ NETSCAPE_SPKAC_it;
-+ NETSCAPE_SPKAC_it;
-+ X509_REVOKED_it;
-+ X509_REVOKED_it;
-+ ASN1_STRING_encode;
-+ EVP_aes_128_ecb;
-+ KRB5_AUTHENT_free;
-+ OCSP_BASICRESP_get_ext_by_critical;
-+ OCSP_BASICRESP_get_ext_by_crit;
-+ OCSP_cert_status_str;
-+ d2i_OCSP_REQUEST;
-+ UI_dup_info_string;
-+ _ossl_old_des_xwhite_in2out;
-+ PKCS12_it;
-+ PKCS12_it;
-+ OCSP_SINGLERESP_get_ext_by_critical;
-+ OCSP_SINGLERESP_get_ext_by_crit;
-+ OCSP_CERTSTATUS_free;
-+ _ossl_old_des_crypt;
-+ ASN1_item_i2d;
-+ EVP_DecryptFinal_ex;
-+ ENGINE_load_openssl;
-+ ENGINE_get_cmd_defns;
-+ ENGINE_set_load_privkey_function;
-+ ENGINE_set_load_privkey_fn;
-+ EVP_EncryptFinal_ex;
-+ ENGINE_set_default_digests;
-+ X509_get0_pubkey_bitstr;
-+ asn1_ex_i2c;
-+ ENGINE_register_RSA;
-+ ENGINE_unregister_DSA;
-+ _ossl_old_des_key_sched;
-+ X509_EXTENSION_it;
-+ X509_EXTENSION_it;
-+ i2d_KRB5_AUTHENT;
-+ SXNETID_it;
-+ SXNETID_it;
-+ d2i_OCSP_SINGLERESP;
-+ EDIPARTYNAME_new;
-+ PKCS12_certbag2x509;
-+ _ossl_old_des_ofb64_encrypt;
-+ d2i_EXTENDED_KEY_USAGE;
-+ ERR_print_errors_cb;
-+ ENGINE_set_ciphers;
-+ d2i_KRB5_APREQBODY;
-+ UI_method_get_flusher;
-+ X509_PUBKEY_it;
-+ X509_PUBKEY_it;
-+ _ossl_old_des_enc_read;
-+ PKCS7_ENCRYPT_it;
-+ PKCS7_ENCRYPT_it;
-+ i2d_OCSP_RESPONSE;
-+ EC_GROUP_get_cofactor;
-+ PKCS12_unpack_p7data;
-+ d2i_KRB5_AUTHDATA;
-+ OCSP_copy_nonce;
-+ KRB5_AUTHDATA_new;
-+ OCSP_RESPDATA_new;
-+ EC_GFp_mont_method;
-+ OCSP_REVOKEDINFO_free;
-+ UI_get_ex_data;
-+ KRB5_APREQBODY_free;
-+ EC_GROUP_get0_generator;
-+ UI_get_default_method;
-+ X509V3_set_nconf;
-+ PKCS12_item_i2d_encrypt;
-+ X509_add1_ext_i2d;
-+ PKCS7_SIGNER_INFO_it;
-+ PKCS7_SIGNER_INFO_it;
-+ KRB5_PRINCNAME_new;
-+ PKCS12_SAFEBAG_it;
-+ PKCS12_SAFEBAG_it;
-+ EC_GROUP_get_order;
-+ d2i_OCSP_RESPID;
-+ OCSP_request_verify;
-+ NCONF_get_number_e;
-+ _ossl_old_des_decrypt3;
-+ X509_signature_print;
-+ OCSP_SINGLERESP_free;
-+ ENGINE_load_builtin_engines;
-+ i2d_OCSP_ONEREQ;
-+ OCSP_REQUEST_add_ext;
-+ OCSP_RESPBYTES_new;
-+ EVP_MD_CTX_create;
-+ OCSP_resp_find_status;
-+ X509_ALGOR_it;
-+ X509_ALGOR_it;
-+ ASN1_TIME_it;
-+ ASN1_TIME_it;
-+ OCSP_request_set1_name;
-+ OCSP_ONEREQ_get_ext_count;
-+ UI_get0_result;
-+ PKCS12_AUTHSAFES_it;
-+ PKCS12_AUTHSAFES_it;
-+ EVP_aes_256_ecb;
-+ PKCS12_pack_authsafes;
-+ ASN1_IA5STRING_it;
-+ ASN1_IA5STRING_it;
-+ UI_get_input_flags;
-+ EC_GROUP_set_generator;
-+ _ossl_old_des_string_to_2keys;
-+ OCSP_CERTID_free;
-+ X509_CERT_AUX_it;
-+ X509_CERT_AUX_it;
-+ CERTIFICATEPOLICIES_it;
-+ CERTIFICATEPOLICIES_it;
-+ _ossl_old_des_ede3_cbc_encrypt;
-+ RAND_set_rand_engine;
-+ DSO_get_loaded_filename;
-+ X509_ATTRIBUTE_it;
-+ X509_ATTRIBUTE_it;
-+ OCSP_ONEREQ_get_ext_by_NID;
-+ PKCS12_decrypt_skey;
-+ KRB5_AUTHENT_it;
-+ KRB5_AUTHENT_it;
-+ UI_dup_error_string;
-+ RSAPublicKey_it;
-+ RSAPublicKey_it;
-+ i2d_OCSP_REQUEST;
-+ PKCS12_x509crl2certbag;
-+ OCSP_SERVICELOC_it;
-+ OCSP_SERVICELOC_it;
-+ ASN1_item_sign;
-+ X509_CRL_set_issuer_name;
-+ OBJ_NAME_do_all_sorted;
-+ i2d_OCSP_BASICRESP;
-+ i2d_OCSP_RESPBYTES;
-+ PKCS12_unpack_p7encdata;
-+ HMAC_CTX_init;
-+ ENGINE_get_digest;
-+ OCSP_RESPONSE_print;
-+ KRB5_TKTBODY_it;
-+ KRB5_TKTBODY_it;
-+ ACCESS_DESCRIPTION_it;
-+ ACCESS_DESCRIPTION_it;
-+ PKCS7_ISSUER_AND_SERIAL_it;
-+ PKCS7_ISSUER_AND_SERIAL_it;
-+ PBE2PARAM_it;
-+ PBE2PARAM_it;
-+ PKCS12_certbag2x509crl;
-+ PKCS7_SIGNED_it;
-+ PKCS7_SIGNED_it;
-+ ENGINE_get_cipher;
-+ i2d_OCSP_CRLID;
-+ OCSP_SINGLERESP_new;
-+ ENGINE_cmd_is_executable;
-+ RSA_up_ref;
-+ ASN1_GENERALSTRING_it;
-+ ASN1_GENERALSTRING_it;
-+ ENGINE_register_DSA;
-+ X509V3_EXT_add_nconf_sk;
-+ ENGINE_set_load_pubkey_function;
-+ PKCS8_decrypt;
-+ PEM_bytes_read_bio;
-+ DIRECTORYSTRING_it;
-+ DIRECTORYSTRING_it;
-+ d2i_OCSP_CRLID;
-+ EC_POINT_is_on_curve;
-+ CRYPTO_set_locked_mem_ex_functions;
-+ CRYPTO_set_locked_mem_ex_funcs;
-+ d2i_KRB5_CHECKSUM;
-+ ASN1_item_dup;
-+ X509_it;
-+ X509_it;
-+ BN_mod_add;
-+ KRB5_AUTHDATA_free;
-+ _ossl_old_des_cbc_cksum;
-+ ASN1_item_verify;
-+ CRYPTO_set_mem_ex_functions;
-+ EC_POINT_get_Jprojective_coordinates_GFp;
-+ EC_POINT_get_Jproj_coords_GFp;
-+ ZLONG_it;
-+ ZLONG_it;
-+ CRYPTO_get_locked_mem_ex_functions;
-+ CRYPTO_get_locked_mem_ex_funcs;
-+ ASN1_TIME_check;
-+ UI_get0_user_data;
-+ HMAC_CTX_cleanup;
-+ DSA_up_ref;
-+ _ossl_old_des_ede3_cfb64_encrypt;
-+ _ossl_odes_ede3_cfb64_encrypt;
-+ ASN1_BMPSTRING_it;
-+ ASN1_BMPSTRING_it;
-+ ASN1_tag2bit;
-+ UI_method_set_flusher;
-+ X509_ocspid_print;
-+ KRB5_ENCDATA_it;
-+ KRB5_ENCDATA_it;
-+ ENGINE_get_load_pubkey_function;
-+ UI_add_user_data;
-+ OCSP_REQUEST_delete_ext;
-+ UI_get_method;
-+ OCSP_ONEREQ_free;
-+ ASN1_PRINTABLESTRING_it;
-+ ASN1_PRINTABLESTRING_it;
-+ X509_CRL_set_nextUpdate;
-+ OCSP_REQUEST_it;
-+ OCSP_REQUEST_it;
-+ OCSP_BASICRESP_it;
-+ OCSP_BASICRESP_it;
-+ AES_ecb_encrypt;
-+ BN_mod_sqr;
-+ NETSCAPE_CERT_SEQUENCE_it;
-+ NETSCAPE_CERT_SEQUENCE_it;
-+ GENERAL_NAMES_it;
-+ GENERAL_NAMES_it;
-+ AUTHORITY_INFO_ACCESS_it;
-+ AUTHORITY_INFO_ACCESS_it;
-+ ASN1_FBOOLEAN_it;
-+ ASN1_FBOOLEAN_it;
-+ UI_set_ex_data;
-+ _ossl_old_des_string_to_key;
-+ ENGINE_register_all_RSA;
-+ d2i_KRB5_PRINCNAME;
-+ OCSP_RESPBYTES_it;
-+ OCSP_RESPBYTES_it;
-+ X509_CINF_it;
-+ X509_CINF_it;
-+ ENGINE_unregister_digests;
-+ d2i_EDIPARTYNAME;
-+ d2i_OCSP_SERVICELOC;
-+ ENGINE_get_digests;
-+ _ossl_old_des_set_odd_parity;
-+ OCSP_RESPDATA_free;
-+ d2i_KRB5_TICKET;
-+ OTHERNAME_it;
-+ OTHERNAME_it;
-+ EVP_MD_CTX_cleanup;
-+ d2i_ASN1_GENERALSTRING;
-+ X509_CRL_set_version;
-+ BN_mod_sub;
-+ OCSP_SINGLERESP_get_ext_by_NID;
-+ ENGINE_get_ex_new_index;
-+ OCSP_REQUEST_free;
-+ OCSP_REQUEST_add1_ext_i2d;
-+ X509_VAL_it;
-+ X509_VAL_it;
-+ EC_POINTs_make_affine;
-+ EC_POINT_mul;
-+ X509V3_EXT_add_nconf;
-+ X509_TRUST_set;
-+ X509_CRL_add1_ext_i2d;
-+ _ossl_old_des_fcrypt;
-+ DISPLAYTEXT_it;
-+ DISPLAYTEXT_it;
-+ X509_CRL_set_lastUpdate;
-+ OCSP_BASICRESP_free;
-+ OCSP_BASICRESP_add1_ext_i2d;
-+ d2i_KRB5_AUTHENTBODY;
-+ CRYPTO_set_ex_data_implementation;
-+ CRYPTO_set_ex_data_impl;
-+ KRB5_ENCDATA_new;
-+ DSO_up_ref;
-+ OCSP_crl_reason_str;
-+ UI_get0_result_string;
-+ ASN1_GENERALSTRING_new;
-+ X509_SIG_it;
-+ X509_SIG_it;
-+ ERR_set_implementation;
-+ ERR_load_EC_strings;
-+ UI_get0_action_string;
-+ OCSP_ONEREQ_get_ext;
-+ EC_POINT_method_of;
-+ i2d_KRB5_APREQBODY;
-+ _ossl_old_des_ecb3_encrypt;
-+ CRYPTO_get_mem_ex_functions;
-+ ENGINE_get_ex_data;
-+ UI_destroy_method;
-+ ASN1_item_i2d_bio;
-+ OCSP_ONEREQ_get_ext_by_OBJ;
-+ ASN1_primitive_new;
-+ ASN1_PRINTABLE_it;
-+ ASN1_PRINTABLE_it;
-+ EVP_aes_192_ecb;
-+ OCSP_SIGNATURE_new;
-+ LONG_it;
-+ LONG_it;
-+ ASN1_VISIBLESTRING_it;
-+ ASN1_VISIBLESTRING_it;
-+ OCSP_SINGLERESP_add1_ext_i2d;
-+ d2i_OCSP_CERTID;
-+ ASN1_item_d2i_fp;
-+ CRL_DIST_POINTS_it;
-+ CRL_DIST_POINTS_it;
-+ GENERAL_NAME_print;
-+ OCSP_SINGLERESP_delete_ext;
-+ PKCS12_SAFEBAGS_it;
-+ PKCS12_SAFEBAGS_it;
-+ d2i_OCSP_SIGNATURE;
-+ OCSP_request_add1_nonce;
-+ ENGINE_set_cmd_defns;
-+ OCSP_SERVICELOC_free;
-+ EC_GROUP_free;
-+ ASN1_BIT_STRING_it;
-+ ASN1_BIT_STRING_it;
-+ X509_REQ_it;
-+ X509_REQ_it;
-+ _ossl_old_des_cbc_encrypt;
-+ ERR_unload_strings;
-+ PKCS7_SIGN_ENVELOPE_it;
-+ PKCS7_SIGN_ENVELOPE_it;
-+ EDIPARTYNAME_free;
-+ OCSP_REQINFO_free;
-+ EC_GROUP_new_curve_GFp;
-+ OCSP_REQUEST_get1_ext_d2i;
-+ PKCS12_item_pack_safebag;
-+ asn1_ex_c2i;
-+ ENGINE_register_digests;
-+ i2d_OCSP_REVOKEDINFO;
-+ asn1_enc_restore;
-+ UI_free;
-+ UI_new_method;
-+ EVP_EncryptInit_ex;
-+ X509_pubkey_digest;
-+ EC_POINT_invert;
-+ OCSP_basic_sign;
-+ i2d_OCSP_RESPID;
-+ OCSP_check_nonce;
-+ ENGINE_ctrl_cmd;
-+ d2i_KRB5_ENCKEY;
-+ OCSP_parse_url;
-+ OCSP_SINGLERESP_get_ext;
-+ OCSP_CRLID_free;
-+ OCSP_BASICRESP_get1_ext_d2i;
-+ RSAPrivateKey_it;
-+ RSAPrivateKey_it;
-+ ENGINE_register_all_DH;
-+ i2d_EDIPARTYNAME;
-+ EC_POINT_get_affine_coordinates_GFp;
-+ EC_POINT_get_affine_coords_GFp;
-+ OCSP_CRLID_new;
-+ ENGINE_get_flags;
-+ OCSP_ONEREQ_it;
-+ OCSP_ONEREQ_it;
-+ UI_process;
-+ ASN1_INTEGER_it;
-+ ASN1_INTEGER_it;
-+ EVP_CipherInit_ex;
-+ UI_get_string_type;
-+ ENGINE_unregister_DH;
-+ ENGINE_register_all_DSA;
-+ OCSP_ONEREQ_get_ext_by_critical;
-+ bn_dup_expand;
-+ OCSP_cert_id_new;
-+ BASIC_CONSTRAINTS_it;
-+ BASIC_CONSTRAINTS_it;
-+ BN_mod_add_quick;
-+ EC_POINT_new;
-+ EVP_MD_CTX_destroy;
-+ OCSP_RESPBYTES_free;
-+ EVP_aes_128_cbc;
-+ OCSP_SINGLERESP_get1_ext_d2i;
-+ EC_POINT_free;
-+ DH_up_ref;
-+ X509_NAME_ENTRY_it;
-+ X509_NAME_ENTRY_it;
-+ UI_get_ex_new_index;
-+ BN_mod_sub_quick;
-+ OCSP_ONEREQ_add_ext;
-+ OCSP_request_sign;
-+ EVP_DigestFinal_ex;
-+ ENGINE_set_digests;
-+ OCSP_id_issuer_cmp;
-+ OBJ_NAME_do_all;
-+ EC_POINTs_mul;
-+ ENGINE_register_complete;
-+ X509V3_EXT_nconf_nid;
-+ ASN1_SEQUENCE_it;
-+ ASN1_SEQUENCE_it;
-+ UI_set_default_method;
-+ RAND_query_egd_bytes;
-+ UI_method_get_writer;
-+ UI_OpenSSL;
-+ PEM_def_callback;
-+ ENGINE_cleanup;
-+ DIST_POINT_it;
-+ DIST_POINT_it;
-+ OCSP_SINGLERESP_it;
-+ OCSP_SINGLERESP_it;
-+ d2i_KRB5_TKTBODY;
-+ EC_POINT_cmp;
-+ OCSP_REVOKEDINFO_new;
-+ i2d_OCSP_CERTSTATUS;
-+ OCSP_basic_add1_nonce;
-+ ASN1_item_ex_d2i;
-+ BN_mod_lshift1_quick;
-+ UI_set_method;
-+ OCSP_id_get0_info;
-+ BN_mod_sqrt;
-+ EC_GROUP_copy;
-+ KRB5_ENCDATA_free;
-+ _ossl_old_des_cfb_encrypt;
-+ OCSP_SINGLERESP_get_ext_by_OBJ;
-+ OCSP_cert_to_id;
-+ OCSP_RESPID_new;
-+ OCSP_RESPDATA_it;
-+ OCSP_RESPDATA_it;
-+ d2i_OCSP_RESPDATA;
-+ ENGINE_register_all_complete;
-+ OCSP_check_validity;
-+ PKCS12_BAGS_it;
-+ PKCS12_BAGS_it;
-+ OCSP_url_svcloc_new;
-+ ASN1_template_free;
-+ OCSP_SINGLERESP_add_ext;
-+ KRB5_AUTHENTBODY_it;
-+ KRB5_AUTHENTBODY_it;
-+ X509_supported_extension;
-+ i2d_KRB5_AUTHDATA;
-+ UI_method_get_opener;
-+ ENGINE_set_ex_data;
-+ OCSP_REQUEST_print;
-+ CBIGNUM_it;
-+ CBIGNUM_it;
-+ KRB5_TICKET_new;
-+ KRB5_APREQ_new;
-+ EC_GROUP_get_curve_GFp;
-+ KRB5_ENCKEY_new;
-+ ASN1_template_d2i;
-+ _ossl_old_des_quad_cksum;
-+ OCSP_single_get0_status;
-+ BN_swap;
-+ POLICYINFO_it;
-+ POLICYINFO_it;
-+ ENGINE_set_destroy_function;
-+ asn1_enc_free;
-+ OCSP_RESPID_it;
-+ OCSP_RESPID_it;
-+ EC_GROUP_new;
-+ EVP_aes_256_cbc;
-+ i2d_KRB5_PRINCNAME;
-+ _ossl_old_des_encrypt2;
-+ _ossl_old_des_encrypt3;
-+ PKCS8_PRIV_KEY_INFO_it;
-+ PKCS8_PRIV_KEY_INFO_it;
-+ OCSP_REQINFO_it;
-+ OCSP_REQINFO_it;
-+ PBEPARAM_it;
-+ PBEPARAM_it;
-+ KRB5_AUTHENTBODY_new;
-+ X509_CRL_add0_revoked;
-+ EDIPARTYNAME_it;
-+ EDIPARTYNAME_it;
-+ NETSCAPE_SPKI_it;
-+ NETSCAPE_SPKI_it;
-+ UI_get0_test_string;
-+ ENGINE_get_cipher_engine;
-+ ENGINE_register_all_ciphers;
-+ EC_POINT_copy;
-+ BN_kronecker;
-+ _ossl_old_des_ede3_ofb64_encrypt;
-+ _ossl_odes_ede3_ofb64_encrypt;
-+ UI_method_get_reader;
-+ OCSP_BASICRESP_get_ext_count;
-+ ASN1_ENUMERATED_it;
-+ ASN1_ENUMERATED_it;
-+ UI_set_result;
-+ i2d_KRB5_TICKET;
-+ X509_print_ex_fp;
-+ EVP_CIPHER_CTX_set_padding;
-+ d2i_OCSP_RESPONSE;
-+ ASN1_UTCTIME_it;
-+ ASN1_UTCTIME_it;
-+ _ossl_old_des_enc_write;
-+ OCSP_RESPONSE_new;
-+ AES_set_encrypt_key;
-+ OCSP_resp_count;
-+ KRB5_CHECKSUM_new;
-+ ENGINE_load_cswift;
-+ OCSP_onereq_get0_id;
-+ ENGINE_set_default_ciphers;
-+ NOTICEREF_it;
-+ NOTICEREF_it;
-+ X509V3_EXT_CRL_add_nconf;
-+ OCSP_REVOKEDINFO_it;
-+ OCSP_REVOKEDINFO_it;
-+ AES_encrypt;
-+ OCSP_REQUEST_new;
-+ ASN1_ANY_it;
-+ ASN1_ANY_it;
-+ CRYPTO_ex_data_new_class;
-+ _ossl_old_des_ncbc_encrypt;
-+ i2d_KRB5_TKTBODY;
-+ EC_POINT_clear_free;
-+ AES_decrypt;
-+ asn1_enc_init;
-+ UI_get_result_maxsize;
-+ OCSP_CERTID_new;
-+ ENGINE_unregister_RAND;
-+ UI_method_get_closer;
-+ d2i_KRB5_ENCDATA;
-+ OCSP_request_onereq_count;
-+ OCSP_basic_verify;
-+ KRB5_AUTHENTBODY_free;
-+ ASN1_item_d2i;
-+ ASN1_primitive_free;
-+ i2d_EXTENDED_KEY_USAGE;
-+ i2d_OCSP_SIGNATURE;
-+ asn1_enc_save;
-+ ENGINE_load_nuron;
-+ _ossl_old_des_pcbc_encrypt;
-+ PKCS12_MAC_DATA_it;
-+ PKCS12_MAC_DATA_it;
-+ OCSP_accept_responses_new;
-+ asn1_do_lock;
-+ PKCS7_ATTR_VERIFY_it;
-+ PKCS7_ATTR_VERIFY_it;
-+ KRB5_APREQBODY_it;
-+ KRB5_APREQBODY_it;
-+ i2d_OCSP_SINGLERESP;
-+ ASN1_item_ex_new;
-+ UI_add_verify_string;
-+ _ossl_old_des_set_key;
-+ KRB5_PRINCNAME_it;
-+ KRB5_PRINCNAME_it;
-+ EVP_DecryptInit_ex;
-+ i2d_OCSP_CERTID;
-+ ASN1_item_d2i_bio;
-+ EC_POINT_dbl;
-+ asn1_get_choice_selector;
-+ i2d_KRB5_CHECKSUM;
-+ ENGINE_set_table_flags;
-+ AES_options;
-+ ENGINE_load_chil;
-+ OCSP_id_cmp;
-+ OCSP_BASICRESP_new;
-+ OCSP_REQUEST_get_ext_by_NID;
-+ KRB5_APREQ_it;
-+ KRB5_APREQ_it;
-+ ENGINE_get_destroy_function;
-+ CONF_set_nconf;
-+ ASN1_PRINTABLE_free;
-+ OCSP_BASICRESP_get_ext_by_NID;
-+ DIST_POINT_NAME_it;
-+ DIST_POINT_NAME_it;
-+ X509V3_extensions_print;
-+ _ossl_old_des_cfb64_encrypt;
-+ X509_REVOKED_add1_ext_i2d;
-+ _ossl_old_des_ofb_encrypt;
-+ KRB5_TKTBODY_new;
-+ ASN1_OCTET_STRING_it;
-+ ASN1_OCTET_STRING_it;
-+ ERR_load_UI_strings;
-+ i2d_KRB5_ENCKEY;
-+ ASN1_template_new;
-+ OCSP_SIGNATURE_free;
-+ ASN1_item_i2d_fp;
-+ KRB5_PRINCNAME_free;
-+ PKCS7_RECIP_INFO_it;
-+ PKCS7_RECIP_INFO_it;
-+ EXTENDED_KEY_USAGE_it;
-+ EXTENDED_KEY_USAGE_it;
-+ EC_GFp_simple_method;
-+ EC_GROUP_precompute_mult;
-+ OCSP_request_onereq_get0;
-+ UI_method_set_writer;
-+ KRB5_AUTHENT_new;
-+ X509_CRL_INFO_it;
-+ X509_CRL_INFO_it;
-+ DSO_set_name_converter;
-+ AES_set_decrypt_key;
-+ PKCS7_DIGEST_it;
-+ PKCS7_DIGEST_it;
-+ PKCS12_x5092certbag;
-+ EVP_DigestInit_ex;
-+ i2a_ACCESS_DESCRIPTION;
-+ OCSP_RESPONSE_it;
-+ OCSP_RESPONSE_it;
-+ PKCS7_ENC_CONTENT_it;
-+ PKCS7_ENC_CONTENT_it;
-+ OCSP_request_add0_id;
-+ EC_POINT_make_affine;
-+ DSO_get_filename;
-+ OCSP_CERTSTATUS_it;
-+ OCSP_CERTSTATUS_it;
-+ OCSP_request_add1_cert;
-+ UI_get0_output_string;
-+ UI_dup_verify_string;
-+ BN_mod_lshift;
-+ KRB5_AUTHDATA_it;
-+ KRB5_AUTHDATA_it;
-+ asn1_set_choice_selector;
-+ OCSP_basic_add1_status;
-+ OCSP_RESPID_free;
-+ asn1_get_field_ptr;
-+ UI_add_input_string;
-+ OCSP_CRLID_it;
-+ OCSP_CRLID_it;
-+ i2d_KRB5_AUTHENTBODY;
-+ OCSP_REQUEST_get_ext_count;
-+ ENGINE_load_atalla;
-+ X509_NAME_it;
-+ X509_NAME_it;
-+ USERNOTICE_it;
-+ USERNOTICE_it;
-+ OCSP_REQINFO_new;
-+ OCSP_BASICRESP_get_ext;
-+ CRYPTO_get_ex_data_implementation;
-+ CRYPTO_get_ex_data_impl;
-+ ASN1_item_pack;
-+ i2d_KRB5_ENCDATA;
-+ X509_PURPOSE_set;
-+ X509_REQ_INFO_it;
-+ X509_REQ_INFO_it;
-+ UI_method_set_opener;
-+ ASN1_item_ex_free;
-+ ASN1_BOOLEAN_it;
-+ ASN1_BOOLEAN_it;
-+ ENGINE_get_table_flags;
-+ UI_create_method;
-+ OCSP_ONEREQ_add1_ext_i2d;
-+ _shadow_DES_check_key;
-+ _shadow_DES_check_key;
-+ d2i_OCSP_REQINFO;
-+ UI_add_info_string;
-+ UI_get_result_minsize;
-+ ASN1_NULL_it;
-+ ASN1_NULL_it;
-+ BN_mod_lshift1;
-+ d2i_OCSP_ONEREQ;
-+ OCSP_ONEREQ_new;
-+ KRB5_TICKET_it;
-+ KRB5_TICKET_it;
-+ EVP_aes_192_cbc;
-+ KRB5_TICKET_free;
-+ UI_new;
-+ OCSP_response_create;
-+ _ossl_old_des_xcbc_encrypt;
-+ PKCS7_it;
-+ PKCS7_it;
-+ OCSP_REQUEST_get_ext_by_critical;
-+ OCSP_REQUEST_get_ext_by_crit;
-+ ENGINE_set_flags;
-+ _ossl_old_des_ecb_encrypt;
-+ OCSP_response_get1_basic;
-+ EVP_Digest;
-+ OCSP_ONEREQ_delete_ext;
-+ ASN1_TBOOLEAN_it;
-+ ASN1_TBOOLEAN_it;
-+ ASN1_item_new;
-+ ASN1_TIME_to_generalizedtime;
-+ BIGNUM_it;
-+ BIGNUM_it;
-+ AES_cbc_encrypt;
-+ ENGINE_get_load_privkey_function;
-+ ENGINE_get_load_privkey_fn;
-+ OCSP_RESPONSE_free;
-+ UI_method_set_reader;
-+ i2d_ASN1_T61STRING;
-+ EC_POINT_set_to_infinity;
-+ ERR_load_OCSP_strings;
-+ EC_POINT_point2oct;
-+ KRB5_APREQ_free;
-+ ASN1_OBJECT_it;
-+ ASN1_OBJECT_it;
-+ OCSP_crlID_new;
-+ OCSP_crlID2_new;
-+ CONF_modules_load_file;
-+ CONF_imodule_set_usr_data;
-+ ENGINE_set_default_string;
-+ CONF_module_get_usr_data;
-+ ASN1_add_oid_module;
-+ CONF_modules_finish;
-+ OPENSSL_config;
-+ CONF_modules_unload;
-+ CONF_imodule_get_value;
-+ CONF_module_set_usr_data;
-+ CONF_parse_list;
-+ CONF_module_add;
-+ CONF_get1_default_config_file;
-+ CONF_imodule_get_flags;
-+ CONF_imodule_get_module;
-+ CONF_modules_load;
-+ CONF_imodule_get_name;
-+ ERR_peek_top_error;
-+ CONF_imodule_get_usr_data;
-+ CONF_imodule_set_flags;
-+ ENGINE_add_conf_module;
-+ ERR_peek_last_error_line;
-+ ERR_peek_last_error_line_data;
-+ ERR_peek_last_error;
-+ DES_read_2passwords;
-+ DES_read_password;
-+ UI_UTIL_read_pw;
-+ UI_UTIL_read_pw_string;
-+ ENGINE_load_aep;
-+ ENGINE_load_sureware;
-+ OPENSSL_add_all_algorithms_noconf;
-+ OPENSSL_add_all_algo_noconf;
-+ OPENSSL_add_all_algorithms_conf;
-+ OPENSSL_add_all_algo_conf;
-+ OPENSSL_load_builtin_modules;
-+ AES_ofb128_encrypt;
-+ AES_ctr128_encrypt;
-+ AES_cfb128_encrypt;
-+ ENGINE_load_4758cca;
-+ _ossl_096_des_random_seed;
-+ EVP_aes_256_ofb;
-+ EVP_aes_192_ofb;
-+ EVP_aes_128_cfb128;
-+ EVP_aes_256_cfb128;
-+ EVP_aes_128_ofb;
-+ EVP_aes_192_cfb128;
-+ CONF_modules_free;
-+ NCONF_default;
-+ OPENSSL_no_config;
-+ NCONF_WIN32;
-+ ASN1_UNIVERSALSTRING_new;
-+ EVP_des_ede_ecb;
-+ i2d_ASN1_UNIVERSALSTRING;
-+ ASN1_UNIVERSALSTRING_free;
-+ ASN1_UNIVERSALSTRING_it;
-+ ASN1_UNIVERSALSTRING_it;
-+ d2i_ASN1_UNIVERSALSTRING;
-+ EVP_des_ede3_ecb;
-+ X509_REQ_print_ex;
-+ ENGINE_up_ref;
-+ BUF_MEM_grow_clean;
-+ CRYPTO_realloc_clean;
-+ BUF_strlcat;
-+ BIO_indent;
-+ BUF_strlcpy;
-+ OpenSSLDie;
-+ OPENSSL_cleanse;
-+ ENGINE_setup_bsd_cryptodev;
-+ ERR_release_err_state_table;
-+ EVP_aes_128_cfb8;
-+ FIPS_corrupt_rsa;
-+ FIPS_selftest_des;
-+ EVP_aes_128_cfb1;
-+ EVP_aes_192_cfb8;
-+ FIPS_mode_set;
-+ FIPS_selftest_dsa;
-+ EVP_aes_256_cfb8;
-+ FIPS_allow_md5;
-+ DES_ede3_cfb_encrypt;
-+ EVP_des_ede3_cfb8;
-+ FIPS_rand_seeded;
-+ AES_cfbr_encrypt_block;
-+ AES_cfb8_encrypt;
-+ FIPS_rand_seed;
-+ FIPS_corrupt_des;
-+ EVP_aes_192_cfb1;
-+ FIPS_selftest_aes;
-+ FIPS_set_prng_key;
-+ EVP_des_cfb8;
-+ FIPS_corrupt_dsa;
-+ FIPS_test_mode;
-+ FIPS_rand_method;
-+ EVP_aes_256_cfb1;
-+ ERR_load_FIPS_strings;
-+ FIPS_corrupt_aes;
-+ FIPS_selftest_sha1;
-+ FIPS_selftest_rsa;
-+ FIPS_corrupt_sha1;
-+ EVP_des_cfb1;
-+ FIPS_dsa_check;
-+ AES_cfb1_encrypt;
-+ EVP_des_ede3_cfb1;
-+ FIPS_rand_check;
-+ FIPS_md5_allowed;
-+ FIPS_mode;
-+ FIPS_selftest_failed;
-+ sk_is_sorted;
-+ X509_check_ca;
-+ HMAC_CTX_set_flags;
-+ d2i_PROXY_CERT_INFO_EXTENSION;
-+ PROXY_POLICY_it;
-+ PROXY_POLICY_it;
-+ i2d_PROXY_POLICY;
-+ i2d_PROXY_CERT_INFO_EXTENSION;
-+ d2i_PROXY_POLICY;
-+ PROXY_CERT_INFO_EXTENSION_new;
-+ PROXY_CERT_INFO_EXTENSION_free;
-+ PROXY_CERT_INFO_EXTENSION_it;
-+ PROXY_CERT_INFO_EXTENSION_it;
-+ PROXY_POLICY_free;
-+ PROXY_POLICY_new;
-+ BN_MONT_CTX_set_locked;
-+ FIPS_selftest_rng;
-+ EVP_sha384;
-+ EVP_sha512;
-+ EVP_sha224;
-+ EVP_sha256;
-+ FIPS_selftest_hmac;
-+ FIPS_corrupt_rng;
-+ BN_mod_exp_mont_consttime;
-+ RSA_X931_hash_id;
-+ RSA_padding_check_X931;
-+ RSA_verify_PKCS1_PSS;
-+ RSA_padding_add_X931;
-+ RSA_padding_add_PKCS1_PSS;
-+ PKCS1_MGF1;
-+ BN_X931_generate_Xpq;
-+ RSA_X931_generate_key;
-+ BN_X931_derive_prime;
-+ BN_X931_generate_prime;
-+ RSA_X931_derive;
-+ BIO_new_dgram;
-+ BN_get0_nist_prime_384;
-+ ERR_set_mark;
-+ X509_STORE_CTX_set0_crls;
-+ ENGINE_set_STORE;
-+ ENGINE_register_ECDSA;
-+ STORE_meth_set_list_start_fn;
-+ STORE_method_set_list_start_function;
-+ BN_BLINDING_invert_ex;
-+ NAME_CONSTRAINTS_free;
-+ STORE_ATTR_INFO_set_number;
-+ BN_BLINDING_get_thread_id;
-+ X509_STORE_CTX_set0_param;
-+ POLICY_MAPPING_it;
-+ POLICY_MAPPING_it;
-+ STORE_parse_attrs_start;
-+ POLICY_CONSTRAINTS_free;
-+ EVP_PKEY_add1_attr_by_NID;
-+ BN_nist_mod_192;
-+ EC_GROUP_get_trinomial_basis;
-+ STORE_set_method;
-+ GENERAL_SUBTREE_free;
-+ NAME_CONSTRAINTS_it;
-+ NAME_CONSTRAINTS_it;
-+ ECDH_get_default_method;
-+ PKCS12_add_safe;
-+ EC_KEY_new_by_curve_name;
-+ STORE_meth_get_update_store_fn;
-+ STORE_method_get_update_store_function;
-+ ENGINE_register_ECDH;
-+ SHA512_Update;
-+ i2d_ECPrivateKey;
-+ BN_get0_nist_prime_192;
-+ STORE_modify_certificate;
-+ EC_POINT_set_affine_coordinates_GF2m;
-+ EC_POINT_set_affine_coords_GF2m;
-+ BN_GF2m_mod_exp_arr;
-+ STORE_ATTR_INFO_modify_number;
-+ X509_keyid_get0;
-+ ENGINE_load_gmp;
-+ pitem_new;
-+ BN_GF2m_mod_mul_arr;
-+ STORE_list_public_key_endp;
-+ o2i_ECPublicKey;
-+ EC_KEY_copy;
-+ BIO_dump_fp;
-+ X509_policy_node_get0_parent;
-+ EC_GROUP_check_discriminant;
-+ i2o_ECPublicKey;
-+ EC_KEY_precompute_mult;
-+ a2i_IPADDRESS;
-+ STORE_meth_set_initialise_fn;
-+ STORE_method_set_initialise_function;
-+ X509_STORE_CTX_set_depth;
-+ X509_VERIFY_PARAM_inherit;
-+ EC_POINT_point2bn;
-+ STORE_ATTR_INFO_set_dn;
-+ X509_policy_tree_get0_policies;
-+ EC_GROUP_new_curve_GF2m;
-+ STORE_destroy_method;
-+ ENGINE_unregister_STORE;
-+ EVP_PKEY_get1_EC_KEY;
-+ STORE_ATTR_INFO_get0_number;
-+ ENGINE_get_default_ECDH;
-+ EC_KEY_get_conv_form;
-+ ASN1_OCTET_STRING_NDEF_it;
-+ ASN1_OCTET_STRING_NDEF_it;
-+ STORE_delete_public_key;
-+ STORE_get_public_key;
-+ STORE_modify_arbitrary;
-+ ENGINE_get_static_state;
-+ pqueue_iterator;
-+ ECDSA_SIG_new;
-+ OPENSSL_DIR_end;
-+ BN_GF2m_mod_sqr;
-+ EC_POINT_bn2point;
-+ X509_VERIFY_PARAM_set_depth;
-+ EC_KEY_set_asn1_flag;
-+ STORE_get_method;
-+ EC_KEY_get_key_method_data;
-+ ECDSA_sign_ex;
-+ STORE_parse_attrs_end;
-+ EC_GROUP_get_point_conversion_form;
-+ EC_GROUP_get_point_conv_form;
-+ STORE_method_set_store_function;
-+ STORE_ATTR_INFO_in;
-+ PEM_read_bio_ECPKParameters;
-+ EC_GROUP_get_pentanomial_basis;
-+ EVP_PKEY_add1_attr_by_txt;
-+ BN_BLINDING_set_flags;
-+ X509_VERIFY_PARAM_set1_policies;
-+ X509_VERIFY_PARAM_set1_name;
-+ X509_VERIFY_PARAM_set_purpose;
-+ STORE_get_number;
-+ ECDSA_sign_setup;
-+ BN_GF2m_mod_solve_quad_arr;
-+ EC_KEY_up_ref;
-+ POLICY_MAPPING_free;
-+ BN_GF2m_mod_div;
-+ X509_VERIFY_PARAM_set_flags;
-+ EC_KEY_free;
-+ STORE_meth_set_list_next_fn;
-+ STORE_method_set_list_next_function;
-+ PEM_write_bio_ECPrivateKey;
-+ d2i_EC_PUBKEY;
-+ STORE_meth_get_generate_fn;
-+ STORE_method_get_generate_function;
-+ STORE_meth_set_list_end_fn;
-+ STORE_method_set_list_end_function;
-+ pqueue_print;
-+ EC_GROUP_have_precompute_mult;
-+ EC_KEY_print_fp;
-+ BN_GF2m_mod_arr;
-+ PEM_write_bio_X509_CERT_PAIR;
-+ EVP_PKEY_cmp;
-+ X509_policy_level_node_count;
-+ STORE_new_engine;
-+ STORE_list_public_key_start;
-+ X509_VERIFY_PARAM_new;
-+ ECDH_get_ex_data;
-+ EVP_PKEY_get_attr;
-+ ECDSA_do_sign;
-+ ENGINE_unregister_ECDH;
-+ ECDH_OpenSSL;
-+ EC_KEY_set_conv_form;
-+ EC_POINT_dup;
-+ GENERAL_SUBTREE_new;
-+ STORE_list_crl_endp;
-+ EC_get_builtin_curves;
-+ X509_policy_node_get0_qualifiers;
-+ X509_pcy_node_get0_qualifiers;
-+ STORE_list_crl_end;
-+ EVP_PKEY_set1_EC_KEY;
-+ BN_GF2m_mod_sqrt_arr;
-+ i2d_ECPrivateKey_bio;
-+ ECPKParameters_print_fp;
-+ pqueue_find;
-+ ECDSA_SIG_free;
-+ PEM_write_bio_ECPKParameters;
-+ STORE_method_set_ctrl_function;
-+ STORE_list_public_key_end;
-+ EC_KEY_set_private_key;
-+ pqueue_peek;
-+ STORE_get_arbitrary;
-+ STORE_store_crl;
-+ X509_policy_node_get0_policy;
-+ PKCS12_add_safes;
-+ BN_BLINDING_convert_ex;
-+ X509_policy_tree_free;
-+ OPENSSL_ia32cap_loc;
-+ BN_GF2m_poly2arr;
-+ STORE_ctrl;
-+ STORE_ATTR_INFO_compare;
-+ BN_get0_nist_prime_224;
-+ i2d_ECParameters;
-+ i2d_ECPKParameters;
-+ BN_GENCB_call;
-+ d2i_ECPKParameters;
-+ STORE_meth_set_generate_fn;
-+ STORE_method_set_generate_function;
-+ ENGINE_set_ECDH;
-+ NAME_CONSTRAINTS_new;
-+ SHA256_Init;
-+ EC_KEY_get0_public_key;
-+ PEM_write_bio_EC_PUBKEY;
-+ STORE_ATTR_INFO_set_cstr;
-+ STORE_list_crl_next;
-+ STORE_ATTR_INFO_in_range;
-+ ECParameters_print;
-+ STORE_meth_set_delete_fn;
-+ STORE_method_set_delete_function;
-+ STORE_list_certificate_next;
-+ ASN1_generate_nconf;
-+ BUF_memdup;
-+ BN_GF2m_mod_mul;
-+ STORE_meth_get_list_next_fn;
-+ STORE_method_get_list_next_function;
-+ STORE_ATTR_INFO_get0_dn;
-+ STORE_list_private_key_next;
-+ EC_GROUP_set_seed;
-+ X509_VERIFY_PARAM_set_trust;
-+ STORE_ATTR_INFO_free;
-+ STORE_get_private_key;
-+ EVP_PKEY_get_attr_count;
-+ STORE_ATTR_INFO_new;
-+ EC_GROUP_get_curve_GF2m;
-+ STORE_meth_set_revoke_fn;
-+ STORE_method_set_revoke_function;
-+ STORE_store_number;
-+ BN_is_prime_ex;
-+ STORE_revoke_public_key;
-+ X509_STORE_CTX_get0_param;
-+ STORE_delete_arbitrary;
-+ PEM_read_X509_CERT_PAIR;
-+ X509_STORE_set_depth;
-+ ECDSA_get_ex_data;
-+ SHA224;
-+ BIO_dump_indent_fp;
-+ EC_KEY_set_group;
-+ BUF_strndup;
-+ STORE_list_certificate_start;
-+ BN_GF2m_mod;
-+ X509_REQ_check_private_key;
-+ EC_GROUP_get_seed_len;
-+ ERR_load_STORE_strings;
-+ PEM_read_bio_EC_PUBKEY;
-+ STORE_list_private_key_end;
-+ i2d_EC_PUBKEY;
-+ ECDSA_get_default_method;
-+ ASN1_put_eoc;
-+ X509_STORE_CTX_get_explicit_policy;
-+ X509_STORE_CTX_get_expl_policy;
-+ X509_VERIFY_PARAM_table_cleanup;
-+ STORE_modify_private_key;
-+ X509_VERIFY_PARAM_free;
-+ EC_METHOD_get_field_type;
-+ EC_GFp_nist_method;
-+ STORE_meth_set_modify_fn;
-+ STORE_method_set_modify_function;
-+ STORE_parse_attrs_next;
-+ ENGINE_load_padlock;
-+ EC_GROUP_set_curve_name;
-+ X509_CERT_PAIR_it;
-+ X509_CERT_PAIR_it;
-+ STORE_meth_get_revoke_fn;
-+ STORE_method_get_revoke_function;
-+ STORE_method_set_get_function;
-+ STORE_modify_number;
-+ STORE_method_get_store_function;
-+ STORE_store_private_key;
-+ BN_GF2m_mod_sqr_arr;
-+ RSA_setup_blinding;
-+ BIO_s_datagram;
-+ STORE_Memory;
-+ sk_find_ex;
-+ EC_GROUP_set_curve_GF2m;
-+ ENGINE_set_default_ECDSA;
-+ POLICY_CONSTRAINTS_new;
-+ BN_GF2m_mod_sqrt;
-+ ECDH_set_default_method;
-+ EC_KEY_generate_key;
-+ SHA384_Update;
-+ BN_GF2m_arr2poly;
-+ STORE_method_get_get_function;
-+ STORE_meth_set_cleanup_fn;
-+ STORE_method_set_cleanup_function;
-+ EC_GROUP_check;
-+ d2i_ECPrivateKey_bio;
-+ EC_KEY_insert_key_method_data;
-+ STORE_meth_get_lock_store_fn;
-+ STORE_method_get_lock_store_function;
-+ X509_VERIFY_PARAM_get_depth;
-+ SHA224_Final;
-+ STORE_meth_set_update_store_fn;
-+ STORE_method_set_update_store_function;
-+ SHA224_Update;
-+ d2i_ECPrivateKey;
-+ ASN1_item_ndef_i2d;
-+ STORE_delete_private_key;
-+ ERR_pop_to_mark;
-+ ENGINE_register_all_STORE;
-+ X509_policy_level_get0_node;
-+ i2d_PKCS7_NDEF;
-+ EC_GROUP_get_degree;
-+ ASN1_generate_v3;
-+ STORE_ATTR_INFO_modify_cstr;
-+ X509_policy_tree_level_count;
-+ BN_GF2m_add;
-+ EC_KEY_get0_group;
-+ STORE_generate_crl;
-+ STORE_store_public_key;
-+ X509_CERT_PAIR_free;
-+ STORE_revoke_private_key;
-+ BN_nist_mod_224;
-+ SHA512_Final;
-+ STORE_ATTR_INFO_modify_dn;
-+ STORE_meth_get_initialise_fn;
-+ STORE_method_get_initialise_function;
-+ STORE_delete_number;
-+ i2d_EC_PUBKEY_bio;
-+ BIO_dgram_non_fatal_error;
-+ EC_GROUP_get_asn1_flag;
-+ STORE_ATTR_INFO_in_ex;
-+ STORE_list_crl_start;
-+ ECDH_get_ex_new_index;
-+ STORE_meth_get_modify_fn;
-+ STORE_method_get_modify_function;
-+ v2i_ASN1_BIT_STRING;
-+ STORE_store_certificate;
-+ OBJ_bsearch_ex;
-+ X509_STORE_CTX_set_default;
-+ STORE_ATTR_INFO_set_sha1str;
-+ BN_GF2m_mod_inv;
-+ BN_GF2m_mod_exp;
-+ STORE_modify_public_key;
-+ STORE_meth_get_list_start_fn;
-+ STORE_method_get_list_start_function;
-+ EC_GROUP_get0_seed;
-+ STORE_store_arbitrary;
-+ STORE_meth_set_unlock_store_fn;
-+ STORE_method_set_unlock_store_function;
-+ BN_GF2m_mod_div_arr;
-+ ENGINE_set_ECDSA;
-+ STORE_create_method;
-+ ECPKParameters_print;
-+ EC_KEY_get0_private_key;
-+ PEM_write_EC_PUBKEY;
-+ X509_VERIFY_PARAM_set1;
-+ ECDH_set_method;
-+ v2i_GENERAL_NAME_ex;
-+ ECDH_set_ex_data;
-+ STORE_generate_key;
-+ BN_nist_mod_521;
-+ X509_policy_tree_get0_level;
-+ EC_GROUP_set_point_conversion_form;
-+ EC_GROUP_set_point_conv_form;
-+ PEM_read_EC_PUBKEY;
-+ i2d_ECDSA_SIG;
-+ ECDSA_OpenSSL;
-+ STORE_delete_crl;
-+ EC_KEY_get_enc_flags;
-+ ASN1_const_check_infinite_end;
-+ EVP_PKEY_delete_attr;
-+ ECDSA_set_default_method;
-+ EC_POINT_set_compressed_coordinates_GF2m;
-+ EC_POINT_set_compr_coords_GF2m;
-+ EC_GROUP_cmp;
-+ STORE_revoke_certificate;
-+ BN_get0_nist_prime_256;
-+ STORE_meth_get_delete_fn;
-+ STORE_method_get_delete_function;
-+ SHA224_Init;
-+ PEM_read_ECPrivateKey;
-+ SHA512_Init;
-+ STORE_parse_attrs_endp;
-+ BN_set_negative;
-+ ERR_load_ECDSA_strings;
-+ EC_GROUP_get_basis_type;
-+ STORE_list_public_key_next;
-+ i2v_ASN1_BIT_STRING;
-+ STORE_OBJECT_free;
-+ BN_nist_mod_384;
-+ i2d_X509_CERT_PAIR;
-+ PEM_write_ECPKParameters;
-+ ECDH_compute_key;
-+ STORE_ATTR_INFO_get0_sha1str;
-+ ENGINE_register_all_ECDH;
-+ pqueue_pop;
-+ STORE_ATTR_INFO_get0_cstr;
-+ POLICY_CONSTRAINTS_it;
-+ POLICY_CONSTRAINTS_it;
-+ STORE_get_ex_new_index;
-+ EVP_PKEY_get_attr_by_OBJ;
-+ X509_VERIFY_PARAM_add0_policy;
-+ BN_GF2m_mod_solve_quad;
-+ SHA256;
-+ i2d_ECPrivateKey_fp;
-+ X509_policy_tree_get0_user_policies;
-+ X509_pcy_tree_get0_usr_policies;
-+ OPENSSL_DIR_read;
-+ ENGINE_register_all_ECDSA;
-+ X509_VERIFY_PARAM_lookup;
-+ EC_POINT_get_affine_coordinates_GF2m;
-+ EC_POINT_get_affine_coords_GF2m;
-+ EC_GROUP_dup;
-+ ENGINE_get_default_ECDSA;
-+ EC_KEY_new;
-+ SHA256_Transform;
-+ EC_KEY_set_enc_flags;
-+ ECDSA_verify;
-+ EC_POINT_point2hex;
-+ ENGINE_get_STORE;
-+ SHA512;
-+ STORE_get_certificate;
-+ ECDSA_do_sign_ex;
-+ ECDSA_do_verify;
-+ d2i_ECPrivateKey_fp;
-+ STORE_delete_certificate;
-+ SHA512_Transform;
-+ X509_STORE_set1_param;
-+ STORE_method_get_ctrl_function;
-+ STORE_free;
-+ PEM_write_ECPrivateKey;
-+ STORE_meth_get_unlock_store_fn;
-+ STORE_method_get_unlock_store_function;
-+ STORE_get_ex_data;
-+ EC_KEY_set_public_key;
-+ PEM_read_ECPKParameters;
-+ X509_CERT_PAIR_new;
-+ ENGINE_register_STORE;
-+ RSA_generate_key_ex;
-+ DSA_generate_parameters_ex;
-+ ECParameters_print_fp;
-+ X509V3_NAME_from_section;
-+ EVP_PKEY_add1_attr;
-+ STORE_modify_crl;
-+ STORE_list_private_key_start;
-+ POLICY_MAPPINGS_it;
-+ POLICY_MAPPINGS_it;
-+ GENERAL_SUBTREE_it;
-+ GENERAL_SUBTREE_it;
-+ EC_GROUP_get_curve_name;
-+ PEM_write_X509_CERT_PAIR;
-+ BIO_dump_indent_cb;
-+ d2i_X509_CERT_PAIR;
-+ STORE_list_private_key_endp;
-+ asn1_const_Finish;
-+ i2d_EC_PUBKEY_fp;
-+ BN_nist_mod_256;
-+ X509_VERIFY_PARAM_add0_table;
-+ pqueue_free;
-+ BN_BLINDING_create_param;
-+ ECDSA_size;
-+ d2i_EC_PUBKEY_bio;
-+ BN_get0_nist_prime_521;
-+ STORE_ATTR_INFO_modify_sha1str;
-+ BN_generate_prime_ex;
-+ EC_GROUP_new_by_curve_name;
-+ SHA256_Final;
-+ DH_generate_parameters_ex;
-+ PEM_read_bio_ECPrivateKey;
-+ STORE_meth_get_cleanup_fn;
-+ STORE_method_get_cleanup_function;
-+ ENGINE_get_ECDH;
-+ d2i_ECDSA_SIG;
-+ BN_is_prime_fasttest_ex;
-+ ECDSA_sign;
-+ X509_policy_check;
-+ EVP_PKEY_get_attr_by_NID;
-+ STORE_set_ex_data;
-+ ENGINE_get_ECDSA;
-+ EVP_ecdsa;
-+ BN_BLINDING_get_flags;
-+ PKCS12_add_cert;
-+ STORE_OBJECT_new;
-+ ERR_load_ECDH_strings;
-+ EC_KEY_dup;
-+ EVP_CIPHER_CTX_rand_key;
-+ ECDSA_set_method;
-+ a2i_IPADDRESS_NC;
-+ d2i_ECParameters;
-+ STORE_list_certificate_end;
-+ STORE_get_crl;
-+ X509_POLICY_NODE_print;
-+ SHA384_Init;
-+ EC_GF2m_simple_method;
-+ ECDSA_set_ex_data;
-+ SHA384_Final;
-+ PKCS7_set_digest;
-+ EC_KEY_print;
-+ STORE_meth_set_lock_store_fn;
-+ STORE_method_set_lock_store_function;
-+ ECDSA_get_ex_new_index;
-+ SHA384;
-+ POLICY_MAPPING_new;
-+ STORE_list_certificate_endp;
-+ X509_STORE_CTX_get0_policy_tree;
-+ EC_GROUP_set_asn1_flag;
-+ EC_KEY_check_key;
-+ d2i_EC_PUBKEY_fp;
-+ PKCS7_set0_type_other;
-+ PEM_read_bio_X509_CERT_PAIR;
-+ pqueue_next;
-+ STORE_meth_get_list_end_fn;
-+ STORE_method_get_list_end_function;
-+ EVP_PKEY_add1_attr_by_OBJ;
-+ X509_VERIFY_PARAM_set_time;
-+ pqueue_new;
-+ ENGINE_set_default_ECDH;
-+ STORE_new_method;
-+ PKCS12_add_key;
-+ DSO_merge;
-+ EC_POINT_hex2point;
-+ BIO_dump_cb;
-+ SHA256_Update;
-+ pqueue_insert;
-+ pitem_free;
-+ BN_GF2m_mod_inv_arr;
-+ ENGINE_unregister_ECDSA;
-+ BN_BLINDING_set_thread_id;
-+ get_rfc3526_prime_8192;
-+ X509_VERIFY_PARAM_clear_flags;
-+ get_rfc2409_prime_1024;
-+ DH_check_pub_key;
-+ get_rfc3526_prime_2048;
-+ get_rfc3526_prime_6144;
-+ get_rfc3526_prime_1536;
-+ get_rfc3526_prime_3072;
-+ get_rfc3526_prime_4096;
-+ get_rfc2409_prime_768;
-+ X509_VERIFY_PARAM_get_flags;
-+ EVP_CIPHER_CTX_new;
-+ EVP_CIPHER_CTX_free;
-+ Camellia_cbc_encrypt;
-+ Camellia_cfb128_encrypt;
-+ Camellia_cfb1_encrypt;
-+ Camellia_cfb8_encrypt;
-+ Camellia_ctr128_encrypt;
-+ Camellia_cfbr_encrypt_block;
-+ Camellia_decrypt;
-+ Camellia_ecb_encrypt;
-+ Camellia_encrypt;
-+ Camellia_ofb128_encrypt;
-+ Camellia_set_key;
-+ EVP_camellia_128_cbc;
-+ EVP_camellia_128_cfb128;
-+ EVP_camellia_128_cfb1;
-+ EVP_camellia_128_cfb8;
-+ EVP_camellia_128_ecb;
-+ EVP_camellia_128_ofb;
-+ EVP_camellia_192_cbc;
-+ EVP_camellia_192_cfb128;
-+ EVP_camellia_192_cfb1;
-+ EVP_camellia_192_cfb8;
-+ EVP_camellia_192_ecb;
-+ EVP_camellia_192_ofb;
-+ EVP_camellia_256_cbc;
-+ EVP_camellia_256_cfb128;
-+ EVP_camellia_256_cfb1;
-+ EVP_camellia_256_cfb8;
-+ EVP_camellia_256_ecb;
-+ EVP_camellia_256_ofb;
-+ a2i_ipadd;
-+ ASIdentifiers_free;
-+ i2d_ASIdOrRange;
-+ EVP_CIPHER_block_size;
-+ v3_asid_is_canonical;
-+ IPAddressChoice_free;
-+ EVP_CIPHER_CTX_set_app_data;
-+ BIO_set_callback_arg;
-+ v3_addr_add_prefix;
-+ IPAddressOrRange_it;
-+ IPAddressOrRange_it;
-+ BIO_set_flags;
-+ ASIdentifiers_it;
-+ ASIdentifiers_it;
-+ v3_addr_get_range;
-+ BIO_method_type;
-+ v3_addr_inherits;
-+ IPAddressChoice_it;
-+ IPAddressChoice_it;
-+ AES_ige_encrypt;
-+ v3_addr_add_range;
-+ EVP_CIPHER_CTX_nid;
-+ d2i_ASRange;
-+ v3_addr_add_inherit;
-+ v3_asid_add_id_or_range;
-+ v3_addr_validate_resource_set;
-+ EVP_CIPHER_iv_length;
-+ EVP_MD_type;
-+ v3_asid_canonize;
-+ IPAddressRange_free;
-+ v3_asid_add_inherit;
-+ EVP_CIPHER_CTX_key_length;
-+ IPAddressRange_new;
-+ ASIdOrRange_new;
-+ EVP_MD_size;
-+ EVP_MD_CTX_test_flags;
-+ BIO_clear_flags;
-+ i2d_ASRange;
-+ IPAddressRange_it;
-+ IPAddressRange_it;
-+ IPAddressChoice_new;
-+ ASIdentifierChoice_new;
-+ ASRange_free;
-+ EVP_MD_pkey_type;
-+ EVP_MD_CTX_clear_flags;
-+ IPAddressFamily_free;
-+ i2d_IPAddressFamily;
-+ IPAddressOrRange_new;
-+ EVP_CIPHER_flags;
-+ v3_asid_validate_resource_set;
-+ d2i_IPAddressRange;
-+ AES_bi_ige_encrypt;
-+ BIO_get_callback;
-+ IPAddressOrRange_free;
-+ v3_addr_subset;
-+ d2i_IPAddressFamily;
-+ v3_asid_subset;
-+ BIO_test_flags;
-+ i2d_ASIdentifierChoice;
-+ ASRange_it;
-+ ASRange_it;
-+ d2i_ASIdentifiers;
-+ ASRange_new;
-+ d2i_IPAddressChoice;
-+ v3_addr_get_afi;
-+ EVP_CIPHER_key_length;
-+ EVP_Cipher;
-+ i2d_IPAddressOrRange;
-+ ASIdOrRange_it;
-+ ASIdOrRange_it;
-+ EVP_CIPHER_nid;
-+ i2d_IPAddressChoice;
-+ EVP_CIPHER_CTX_block_size;
-+ ASIdentifiers_new;
-+ v3_addr_validate_path;
-+ IPAddressFamily_new;
-+ EVP_MD_CTX_set_flags;
-+ v3_addr_is_canonical;
-+ i2d_IPAddressRange;
-+ IPAddressFamily_it;
-+ IPAddressFamily_it;
-+ v3_asid_inherits;
-+ EVP_CIPHER_CTX_cipher;
-+ EVP_CIPHER_CTX_get_app_data;
-+ EVP_MD_block_size;
-+ EVP_CIPHER_CTX_flags;
-+ v3_asid_validate_path;
-+ d2i_IPAddressOrRange;
-+ v3_addr_canonize;
-+ ASIdentifierChoice_it;
-+ ASIdentifierChoice_it;
-+ EVP_MD_CTX_md;
-+ d2i_ASIdentifierChoice;
-+ BIO_method_name;
-+ EVP_CIPHER_CTX_iv_length;
-+ ASIdOrRange_free;
-+ ASIdentifierChoice_free;
-+ BIO_get_callback_arg;
-+ BIO_set_callback;
-+ d2i_ASIdOrRange;
-+ i2d_ASIdentifiers;
-+ SEED_decrypt;
-+ SEED_encrypt;
-+ SEED_cbc_encrypt;
-+ EVP_seed_ofb;
-+ SEED_cfb128_encrypt;
-+ SEED_ofb128_encrypt;
-+ EVP_seed_cbc;
-+ SEED_ecb_encrypt;
-+ EVP_seed_ecb;
-+ SEED_set_key;
-+ EVP_seed_cfb128;
-+ X509_EXTENSIONS_it;
-+ X509_EXTENSIONS_it;
-+ X509_get1_ocsp;
-+ OCSP_REQ_CTX_free;
-+ i2d_X509_EXTENSIONS;
-+ OCSP_sendreq_nbio;
-+ OCSP_sendreq_new;
-+ d2i_X509_EXTENSIONS;
-+ X509_ALGORS_it;
-+ X509_ALGORS_it;
-+ X509_ALGOR_get0;
-+ X509_ALGOR_set0;
-+ AES_unwrap_key;
-+ AES_wrap_key;
-+ X509at_get0_data_by_OBJ;
-+ ASN1_TYPE_set1;
-+ ASN1_STRING_set0;
-+ i2d_X509_ALGORS;
-+ BIO_f_zlib;
-+ COMP_zlib_cleanup;
-+ d2i_X509_ALGORS;
-+ CMS_ReceiptRequest_free;
-+ PEM_write_CMS;
-+ CMS_add0_CertificateChoices;
-+ CMS_unsigned_add1_attr_by_OBJ;
-+ ERR_load_CMS_strings;
-+ CMS_sign_receipt;
-+ i2d_CMS_ContentInfo;
-+ CMS_signed_delete_attr;
-+ d2i_CMS_bio;
-+ CMS_unsigned_get_attr_by_NID;
-+ CMS_verify;
-+ SMIME_read_CMS;
-+ CMS_decrypt_set1_key;
-+ CMS_SignerInfo_get0_algs;
-+ CMS_add1_cert;
-+ CMS_set_detached;
-+ CMS_encrypt;
-+ CMS_EnvelopedData_create;
-+ CMS_uncompress;
-+ CMS_add0_crl;
-+ CMS_SignerInfo_verify_content;
-+ CMS_unsigned_get0_data_by_OBJ;
-+ PEM_write_bio_CMS;
-+ CMS_unsigned_get_attr;
-+ CMS_RecipientInfo_ktri_cert_cmp;
-+ CMS_RecipientInfo_ktri_get0_algs;
-+ CMS_RecipInfo_ktri_get0_algs;
-+ CMS_ContentInfo_free;
-+ CMS_final;
-+ CMS_add_simple_smimecap;
-+ CMS_SignerInfo_verify;
-+ CMS_data;
-+ CMS_ContentInfo_it;
-+ CMS_ContentInfo_it;
-+ d2i_CMS_ReceiptRequest;
-+ CMS_compress;
-+ CMS_digest_create;
-+ CMS_SignerInfo_cert_cmp;
-+ CMS_SignerInfo_sign;
-+ CMS_data_create;
-+ i2d_CMS_bio;
-+ CMS_EncryptedData_set1_key;
-+ CMS_decrypt;
-+ int_smime_write_ASN1;
-+ CMS_unsigned_delete_attr;
-+ CMS_unsigned_get_attr_count;
-+ CMS_add_smimecap;
-+ PEM_read_CMS;
-+ CMS_signed_get_attr_by_OBJ;
-+ d2i_CMS_ContentInfo;
-+ CMS_add_standard_smimecap;
-+ CMS_ContentInfo_new;
-+ CMS_RecipientInfo_type;
-+ CMS_get0_type;
-+ CMS_is_detached;
-+ CMS_sign;
-+ CMS_signed_add1_attr;
-+ CMS_unsigned_get_attr_by_OBJ;
-+ SMIME_write_CMS;
-+ CMS_EncryptedData_decrypt;
-+ CMS_get0_RecipientInfos;
-+ CMS_add0_RevocationInfoChoice;
-+ CMS_decrypt_set1_pkey;
-+ CMS_SignerInfo_set1_signer_cert;
-+ CMS_get0_signers;
-+ CMS_ReceiptRequest_get0_values;
-+ CMS_signed_get0_data_by_OBJ;
-+ CMS_get0_SignerInfos;
-+ CMS_add0_cert;
-+ CMS_EncryptedData_encrypt;
-+ CMS_digest_verify;
-+ CMS_set1_signers_certs;
-+ CMS_signed_get_attr;
-+ CMS_RecipientInfo_set0_key;
-+ CMS_SignedData_init;
-+ CMS_RecipientInfo_kekri_get0_id;
-+ CMS_verify_receipt;
-+ CMS_ReceiptRequest_it;
-+ CMS_ReceiptRequest_it;
-+ PEM_read_bio_CMS;
-+ CMS_get1_crls;
-+ CMS_add0_recipient_key;
-+ SMIME_read_ASN1;
-+ CMS_ReceiptRequest_new;
-+ CMS_get0_content;
-+ CMS_get1_ReceiptRequest;
-+ CMS_signed_add1_attr_by_OBJ;
-+ CMS_RecipientInfo_kekri_id_cmp;
-+ CMS_add1_ReceiptRequest;
-+ CMS_SignerInfo_get0_signer_id;
-+ CMS_unsigned_add1_attr_by_NID;
-+ CMS_unsigned_add1_attr;
-+ CMS_signed_get_attr_by_NID;
-+ CMS_get1_certs;
-+ CMS_signed_add1_attr_by_NID;
-+ CMS_unsigned_add1_attr_by_txt;
-+ CMS_dataFinal;
-+ CMS_RecipientInfo_ktri_get0_signer_id;
-+ CMS_RecipInfo_ktri_get0_sigr_id;
-+ i2d_CMS_ReceiptRequest;
-+ CMS_add1_recipient_cert;
-+ CMS_dataInit;
-+ CMS_signed_add1_attr_by_txt;
-+ CMS_RecipientInfo_decrypt;
-+ CMS_signed_get_attr_count;
-+ CMS_get0_eContentType;
-+ CMS_set1_eContentType;
-+ CMS_ReceiptRequest_create0;
-+ CMS_add1_signer;
-+ CMS_RecipientInfo_set0_pkey;
-+ ENGINE_set_load_ssl_client_cert_function;
-+ ENGINE_set_ld_ssl_clnt_cert_fn;
-+ ENGINE_get_ssl_client_cert_function;
-+ ENGINE_get_ssl_client_cert_fn;
-+ ENGINE_load_ssl_client_cert;
-+ ENGINE_load_capi;
-+ OPENSSL_isservice;
-+ FIPS_dsa_sig_decode;
-+ EVP_CIPHER_CTX_clear_flags;
-+ FIPS_rand_status;
-+ FIPS_rand_set_key;
-+ CRYPTO_set_mem_info_functions;
-+ RSA_X931_generate_key_ex;
-+ int_ERR_set_state_func;
-+ int_EVP_MD_set_engine_callbacks;
-+ int_CRYPTO_set_do_dynlock_callback;
-+ FIPS_rng_stick;
-+ EVP_CIPHER_CTX_set_flags;
-+ BN_X931_generate_prime_ex;
-+ FIPS_selftest_check;
-+ FIPS_rand_set_dt;
-+ CRYPTO_dbg_pop_info;
-+ FIPS_dsa_free;
-+ RSA_X931_derive_ex;
-+ FIPS_rsa_new;
-+ FIPS_rand_bytes;
-+ fips_cipher_test;
-+ EVP_CIPHER_CTX_test_flags;
-+ CRYPTO_malloc_debug_init;
-+ CRYPTO_dbg_push_info;
-+ FIPS_corrupt_rsa_keygen;
-+ FIPS_dh_new;
-+ FIPS_corrupt_dsa_keygen;
-+ FIPS_dh_free;
-+ fips_pkey_signature_test;
-+ EVP_add_alg_module;
-+ int_RAND_init_engine_callbacks;
-+ int_EVP_CIPHER_set_engine_callbacks;
-+ int_EVP_MD_init_engine_callbacks;
-+ FIPS_rand_test_mode;
-+ FIPS_rand_reset;
-+ FIPS_dsa_new;
-+ int_RAND_set_callbacks;
-+ BN_X931_derive_prime_ex;
-+ int_ERR_lib_init;
-+ int_EVP_CIPHER_init_engine_callbacks;
-+ FIPS_rsa_free;
-+ FIPS_dsa_sig_encode;
-+ CRYPTO_dbg_remove_all_info;
-+ OPENSSL_init;
-+ CRYPTO_strdup;
-+ JPAKE_STEP3A_process;
-+ JPAKE_STEP1_release;
-+ JPAKE_get_shared_key;
-+ JPAKE_STEP3B_init;
-+ JPAKE_STEP1_generate;
-+ JPAKE_STEP1_init;
-+ JPAKE_STEP3B_process;
-+ JPAKE_STEP2_generate;
-+ JPAKE_CTX_new;
-+ JPAKE_CTX_free;
-+ JPAKE_STEP3B_release;
-+ JPAKE_STEP3A_release;
-+ JPAKE_STEP2_process;
-+ JPAKE_STEP3B_generate;
-+ JPAKE_STEP1_process;
-+ JPAKE_STEP3A_generate;
-+ JPAKE_STEP2_release;
-+ JPAKE_STEP3A_init;
-+ ERR_load_JPAKE_strings;
-+ JPAKE_STEP2_init;
-+ pqueue_size;
-+ i2d_TS_ACCURACY;
-+ i2d_TS_MSG_IMPRINT_fp;
-+ i2d_TS_MSG_IMPRINT;
-+ EVP_PKEY_print_public;
-+ EVP_PKEY_CTX_new;
-+ i2d_TS_TST_INFO;
-+ EVP_PKEY_asn1_find;
-+ DSO_METHOD_beos;
-+ TS_CONF_load_cert;
-+ TS_REQ_get_ext;
-+ EVP_PKEY_sign_init;
-+ ASN1_item_print;
-+ TS_TST_INFO_set_nonce;
-+ TS_RESP_dup;
-+ ENGINE_register_pkey_meths;
-+ EVP_PKEY_asn1_add0;
-+ PKCS7_add0_attrib_signing_time;
-+ i2d_TS_TST_INFO_fp;
-+ BIO_asn1_get_prefix;
-+ TS_TST_INFO_set_time;
-+ EVP_PKEY_meth_set_decrypt;
-+ EVP_PKEY_set_type_str;
-+ EVP_PKEY_CTX_get_keygen_info;
-+ TS_REQ_set_policy_id;
-+ d2i_TS_RESP_fp;
-+ ENGINE_get_pkey_asn1_meth_engine;
-+ ENGINE_get_pkey_asn1_meth_eng;
-+ WHIRLPOOL_Init;
-+ TS_RESP_set_status_info;
-+ EVP_PKEY_keygen;
-+ EVP_DigestSignInit;
-+ TS_ACCURACY_set_millis;
-+ TS_REQ_dup;
-+ GENERAL_NAME_dup;
-+ ASN1_SEQUENCE_ANY_it;
-+ ASN1_SEQUENCE_ANY_it;
-+ WHIRLPOOL;
-+ X509_STORE_get1_crls;
-+ ENGINE_get_pkey_asn1_meth;
-+ EVP_PKEY_asn1_new;
-+ BIO_new_NDEF;
-+ ENGINE_get_pkey_meth;
-+ TS_MSG_IMPRINT_set_algo;
-+ i2d_TS_TST_INFO_bio;
-+ TS_TST_INFO_set_ordering;
-+ TS_TST_INFO_get_ext_by_OBJ;
-+ CRYPTO_THREADID_set_pointer;
-+ TS_CONF_get_tsa_section;
-+ SMIME_write_ASN1;
-+ TS_RESP_CTX_set_signer_key;
-+ EVP_PKEY_encrypt_old;
-+ EVP_PKEY_encrypt_init;
-+ CRYPTO_THREADID_cpy;
-+ ASN1_PCTX_get_cert_flags;
-+ i2d_ESS_SIGNING_CERT;
-+ TS_CONF_load_key;
-+ i2d_ASN1_SEQUENCE_ANY;
-+ d2i_TS_MSG_IMPRINT_bio;
-+ EVP_PKEY_asn1_set_public;
-+ b2i_PublicKey_bio;
-+ BIO_asn1_set_prefix;
-+ EVP_PKEY_new_mac_key;
-+ BIO_new_CMS;
-+ CRYPTO_THREADID_cmp;
-+ TS_REQ_ext_free;
-+ EVP_PKEY_asn1_set_free;
-+ EVP_PKEY_get0_asn1;
-+ d2i_NETSCAPE_X509;
-+ EVP_PKEY_verify_recover_init;
-+ EVP_PKEY_CTX_set_data;
-+ EVP_PKEY_keygen_init;
-+ TS_RESP_CTX_set_status_info;
-+ TS_MSG_IMPRINT_get_algo;
-+ TS_REQ_print_bio;
-+ EVP_PKEY_CTX_ctrl_str;
-+ EVP_PKEY_get_default_digest_nid;
-+ PEM_write_bio_PKCS7_stream;
-+ TS_MSG_IMPRINT_print_bio;
-+ BN_asc2bn;
-+ TS_REQ_get_policy_id;
-+ ENGINE_set_default_pkey_asn1_meths;
-+ ENGINE_set_def_pkey_asn1_meths;
-+ d2i_TS_ACCURACY;
-+ DSO_global_lookup;
-+ TS_CONF_set_tsa_name;
-+ i2d_ASN1_SET_ANY;
-+ ENGINE_load_gost;
-+ WHIRLPOOL_BitUpdate;
-+ ASN1_PCTX_get_flags;
-+ TS_TST_INFO_get_ext_by_NID;
-+ TS_RESP_new;
-+ ESS_CERT_ID_dup;
-+ TS_STATUS_INFO_dup;
-+ TS_REQ_delete_ext;
-+ EVP_DigestVerifyFinal;
-+ EVP_PKEY_print_params;
-+ i2d_CMS_bio_stream;
-+ TS_REQ_get_msg_imprint;
-+ OBJ_find_sigid_by_algs;
-+ TS_TST_INFO_get_serial;
-+ TS_REQ_get_nonce;
-+ X509_PUBKEY_set0_param;
-+ EVP_PKEY_CTX_set0_keygen_info;
-+ DIST_POINT_set_dpname;
-+ i2d_ISSUING_DIST_POINT;
-+ ASN1_SET_ANY_it;
-+ ASN1_SET_ANY_it;
-+ EVP_PKEY_CTX_get_data;
-+ TS_STATUS_INFO_print_bio;
-+ EVP_PKEY_derive_init;
-+ d2i_TS_TST_INFO;
-+ EVP_PKEY_asn1_add_alias;
-+ d2i_TS_RESP_bio;
-+ OTHERNAME_cmp;
-+ GENERAL_NAME_set0_value;
-+ PKCS7_RECIP_INFO_get0_alg;
-+ TS_RESP_CTX_new;
-+ TS_RESP_set_tst_info;
-+ PKCS7_final;
-+ EVP_PKEY_base_id;
-+ TS_RESP_CTX_set_signer_cert;
-+ TS_REQ_set_msg_imprint;
-+ EVP_PKEY_CTX_ctrl;
-+ TS_CONF_set_digests;
-+ d2i_TS_MSG_IMPRINT;
-+ EVP_PKEY_meth_set_ctrl;
-+ TS_REQ_get_ext_by_NID;
-+ PKCS5_pbe_set0_algor;
-+ BN_BLINDING_thread_id;
-+ TS_ACCURACY_new;
-+ X509_CRL_METHOD_free;
-+ ASN1_PCTX_get_nm_flags;
-+ EVP_PKEY_meth_set_sign;
-+ CRYPTO_THREADID_current;
-+ EVP_PKEY_decrypt_init;
-+ NETSCAPE_X509_free;
-+ i2b_PVK_bio;
-+ EVP_PKEY_print_private;
-+ GENERAL_NAME_get0_value;
-+ b2i_PVK_bio;
-+ ASN1_UTCTIME_adj;
-+ TS_TST_INFO_new;
-+ EVP_MD_do_all_sorted;
-+ TS_CONF_set_default_engine;
-+ TS_ACCURACY_set_seconds;
-+ TS_TST_INFO_get_time;
-+ PKCS8_pkey_get0;
-+ EVP_PKEY_asn1_get0;
-+ OBJ_add_sigid;
-+ PKCS7_SIGNER_INFO_sign;
-+ EVP_PKEY_paramgen_init;
-+ EVP_PKEY_sign;
-+ OBJ_sigid_free;
-+ EVP_PKEY_meth_set_init;
-+ d2i_ESS_ISSUER_SERIAL;
-+ ISSUING_DIST_POINT_new;
-+ ASN1_TIME_adj;
-+ TS_OBJ_print_bio;
-+ EVP_PKEY_meth_set_verify_recover;
-+ EVP_PKEY_meth_set_vrfy_recover;
-+ TS_RESP_get_status_info;
-+ CMS_stream;
-+ EVP_PKEY_CTX_set_cb;
-+ PKCS7_to_TS_TST_INFO;
-+ ASN1_PCTX_get_oid_flags;
-+ TS_TST_INFO_add_ext;
-+ EVP_PKEY_meth_set_derive;
-+ i2d_TS_RESP_fp;
-+ i2d_TS_MSG_IMPRINT_bio;
-+ TS_RESP_CTX_set_accuracy;
-+ TS_REQ_set_nonce;
-+ ESS_CERT_ID_new;
-+ ENGINE_pkey_asn1_find_str;
-+ TS_REQ_get_ext_count;
-+ BUF_reverse;
-+ TS_TST_INFO_print_bio;
-+ d2i_ISSUING_DIST_POINT;
-+ ENGINE_get_pkey_meths;
-+ i2b_PrivateKey_bio;
-+ i2d_TS_RESP;
-+ b2i_PublicKey;
-+ TS_VERIFY_CTX_cleanup;
-+ TS_STATUS_INFO_free;
-+ TS_RESP_verify_token;
-+ OBJ_bsearch_ex_;
-+ ASN1_bn_print;
-+ EVP_PKEY_asn1_get_count;
-+ ENGINE_register_pkey_asn1_meths;
-+ ASN1_PCTX_set_nm_flags;
-+ EVP_DigestVerifyInit;
-+ ENGINE_set_default_pkey_meths;
-+ TS_TST_INFO_get_policy_id;
-+ TS_REQ_get_cert_req;
-+ X509_CRL_set_meth_data;
-+ PKCS8_pkey_set0;
-+ ASN1_STRING_copy;
-+ d2i_TS_TST_INFO_fp;
-+ X509_CRL_match;
-+ EVP_PKEY_asn1_set_private;
-+ TS_TST_INFO_get_ext_d2i;
-+ TS_RESP_CTX_add_policy;
-+ d2i_TS_RESP;
-+ TS_CONF_load_certs;
-+ TS_TST_INFO_get_msg_imprint;
-+ ERR_load_TS_strings;
-+ TS_TST_INFO_get_version;
-+ EVP_PKEY_CTX_dup;
-+ EVP_PKEY_meth_set_verify;
-+ i2b_PublicKey_bio;
-+ TS_CONF_set_certs;
-+ EVP_PKEY_asn1_get0_info;
-+ TS_VERIFY_CTX_free;
-+ TS_REQ_get_ext_by_critical;
-+ TS_RESP_CTX_set_serial_cb;
-+ X509_CRL_get_meth_data;
-+ TS_RESP_CTX_set_time_cb;
-+ TS_MSG_IMPRINT_get_msg;
-+ TS_TST_INFO_ext_free;
-+ TS_REQ_get_version;
-+ TS_REQ_add_ext;
-+ EVP_PKEY_CTX_set_app_data;
-+ OBJ_bsearch_;
-+ EVP_PKEY_meth_set_verifyctx;
-+ i2d_PKCS7_bio_stream;
-+ CRYPTO_THREADID_set_numeric;
-+ PKCS7_sign_add_signer;
-+ d2i_TS_TST_INFO_bio;
-+ TS_TST_INFO_get_ordering;
-+ TS_RESP_print_bio;
-+ TS_TST_INFO_get_exts;
-+ HMAC_CTX_copy;
-+ PKCS5_pbe2_set_iv;
-+ ENGINE_get_pkey_asn1_meths;
-+ b2i_PrivateKey;
-+ EVP_PKEY_CTX_get_app_data;
-+ TS_REQ_set_cert_req;
-+ CRYPTO_THREADID_set_callback;
-+ TS_CONF_set_serial;
-+ TS_TST_INFO_free;
-+ d2i_TS_REQ_fp;
-+ TS_RESP_verify_response;
-+ i2d_ESS_ISSUER_SERIAL;
-+ TS_ACCURACY_get_seconds;
-+ EVP_CIPHER_do_all;
-+ b2i_PrivateKey_bio;
-+ OCSP_CERTID_dup;
-+ X509_PUBKEY_get0_param;
-+ TS_MSG_IMPRINT_dup;
-+ PKCS7_print_ctx;
-+ i2d_TS_REQ_bio;
-+ EVP_whirlpool;
-+ EVP_PKEY_asn1_set_param;
-+ EVP_PKEY_meth_set_encrypt;
-+ ASN1_PCTX_set_flags;
-+ i2d_ESS_CERT_ID;
-+ TS_VERIFY_CTX_new;
-+ TS_RESP_CTX_set_extension_cb;
-+ ENGINE_register_all_pkey_meths;
-+ TS_RESP_CTX_set_status_info_cond;
-+ TS_RESP_CTX_set_stat_info_cond;
-+ EVP_PKEY_verify;
-+ WHIRLPOOL_Final;
-+ X509_CRL_METHOD_new;
-+ EVP_DigestSignFinal;
-+ TS_RESP_CTX_set_def_policy;
-+ NETSCAPE_X509_it;
-+ NETSCAPE_X509_it;
-+ TS_RESP_create_response;
-+ PKCS7_SIGNER_INFO_get0_algs;
-+ TS_TST_INFO_get_nonce;
-+ EVP_PKEY_decrypt_old;
-+ TS_TST_INFO_set_policy_id;
-+ TS_CONF_set_ess_cert_id_chain;
-+ EVP_PKEY_CTX_get0_pkey;
-+ d2i_TS_REQ;
-+ EVP_PKEY_asn1_find_str;
-+ BIO_f_asn1;
-+ ESS_SIGNING_CERT_new;
-+ EVP_PBE_find;
-+ X509_CRL_get0_by_cert;
-+ EVP_PKEY_derive;
-+ i2d_TS_REQ;
-+ TS_TST_INFO_delete_ext;
-+ ESS_ISSUER_SERIAL_free;
-+ ASN1_PCTX_set_str_flags;
-+ ENGINE_get_pkey_asn1_meth_str;
-+ TS_CONF_set_signer_key;
-+ TS_ACCURACY_get_millis;
-+ TS_RESP_get_token;
-+ TS_ACCURACY_dup;
-+ ENGINE_register_all_pkey_asn1_meths;
-+ ENGINE_reg_all_pkey_asn1_meths;
-+ X509_CRL_set_default_method;
-+ CRYPTO_THREADID_hash;
-+ CMS_ContentInfo_print_ctx;
-+ TS_RESP_free;
-+ ISSUING_DIST_POINT_free;
-+ ESS_ISSUER_SERIAL_new;
-+ CMS_add1_crl;
-+ PKCS7_add1_attrib_digest;
-+ TS_RESP_CTX_add_md;
-+ TS_TST_INFO_dup;
-+ ENGINE_set_pkey_asn1_meths;
-+ PEM_write_bio_Parameters;
-+ TS_TST_INFO_get_accuracy;
-+ X509_CRL_get0_by_serial;
-+ TS_TST_INFO_set_version;
-+ TS_RESP_CTX_get_tst_info;
-+ TS_RESP_verify_signature;
-+ CRYPTO_THREADID_get_callback;
-+ TS_TST_INFO_get_tsa;
-+ TS_STATUS_INFO_new;
-+ EVP_PKEY_CTX_get_cb;
-+ TS_REQ_get_ext_d2i;
-+ GENERAL_NAME_set0_othername;
-+ TS_TST_INFO_get_ext_count;
-+ TS_RESP_CTX_get_request;
-+ i2d_NETSCAPE_X509;
-+ ENGINE_get_pkey_meth_engine;
-+ EVP_PKEY_meth_set_signctx;
-+ EVP_PKEY_asn1_copy;
-+ ASN1_TYPE_cmp;
-+ EVP_CIPHER_do_all_sorted;
-+ EVP_PKEY_CTX_free;
-+ ISSUING_DIST_POINT_it;
-+ ISSUING_DIST_POINT_it;
-+ d2i_TS_MSG_IMPRINT_fp;
-+ X509_STORE_get1_certs;
-+ EVP_PKEY_CTX_get_operation;
-+ d2i_ESS_SIGNING_CERT;
-+ TS_CONF_set_ordering;
-+ EVP_PBE_alg_add_type;
-+ TS_REQ_set_version;
-+ EVP_PKEY_get0;
-+ BIO_asn1_set_suffix;
-+ i2d_TS_STATUS_INFO;
-+ EVP_MD_do_all;
-+ TS_TST_INFO_set_accuracy;
-+ PKCS7_add_attrib_content_type;
-+ ERR_remove_thread_state;
-+ EVP_PKEY_meth_add0;
-+ TS_TST_INFO_set_tsa;
-+ EVP_PKEY_meth_new;
-+ WHIRLPOOL_Update;
-+ TS_CONF_set_accuracy;
-+ ASN1_PCTX_set_oid_flags;
-+ ESS_SIGNING_CERT_dup;
-+ d2i_TS_REQ_bio;
-+ X509_time_adj_ex;
-+ TS_RESP_CTX_add_flags;
-+ d2i_TS_STATUS_INFO;
-+ TS_MSG_IMPRINT_set_msg;
-+ BIO_asn1_get_suffix;
-+ TS_REQ_free;
-+ EVP_PKEY_meth_free;
-+ TS_REQ_get_exts;
-+ TS_RESP_CTX_set_clock_precision_digits;
-+ TS_RESP_CTX_set_clk_prec_digits;
-+ TS_RESP_CTX_add_failure_info;
-+ i2d_TS_RESP_bio;
-+ EVP_PKEY_CTX_get0_peerkey;
-+ PEM_write_bio_CMS_stream;
-+ TS_REQ_new;
-+ TS_MSG_IMPRINT_new;
-+ EVP_PKEY_meth_find;
-+ EVP_PKEY_id;
-+ TS_TST_INFO_set_serial;
-+ a2i_GENERAL_NAME;
-+ TS_CONF_set_crypto_device;
-+ EVP_PKEY_verify_init;
-+ TS_CONF_set_policies;
-+ ASN1_PCTX_new;
-+ ESS_CERT_ID_free;
-+ ENGINE_unregister_pkey_meths;
-+ TS_MSG_IMPRINT_free;
-+ TS_VERIFY_CTX_init;
-+ PKCS7_stream;
-+ TS_RESP_CTX_set_certs;
-+ TS_CONF_set_def_policy;
-+ ASN1_GENERALIZEDTIME_adj;
-+ NETSCAPE_X509_new;
-+ TS_ACCURACY_free;
-+ TS_RESP_get_tst_info;
-+ EVP_PKEY_derive_set_peer;
-+ PEM_read_bio_Parameters;
-+ TS_CONF_set_clock_precision_digits;
-+ TS_CONF_set_clk_prec_digits;
-+ ESS_ISSUER_SERIAL_dup;
-+ TS_ACCURACY_get_micros;
-+ ASN1_PCTX_get_str_flags;
-+ NAME_CONSTRAINTS_check;
-+ ASN1_BIT_STRING_check;
-+ X509_check_akid;
-+ ENGINE_unregister_pkey_asn1_meths;
-+ ENGINE_unreg_pkey_asn1_meths;
-+ ASN1_PCTX_free;
-+ PEM_write_bio_ASN1_stream;
-+ i2d_ASN1_bio_stream;
-+ TS_X509_ALGOR_print_bio;
-+ EVP_PKEY_meth_set_cleanup;
-+ EVP_PKEY_asn1_free;
-+ ESS_SIGNING_CERT_free;
-+ TS_TST_INFO_set_msg_imprint;
-+ GENERAL_NAME_cmp;
-+ d2i_ASN1_SET_ANY;
-+ ENGINE_set_pkey_meths;
-+ i2d_TS_REQ_fp;
-+ d2i_ASN1_SEQUENCE_ANY;
-+ GENERAL_NAME_get0_otherName;
-+ d2i_ESS_CERT_ID;
-+ OBJ_find_sigid_algs;
-+ EVP_PKEY_meth_set_keygen;
-+ PKCS5_PBKDF2_HMAC;
-+ EVP_PKEY_paramgen;
-+ EVP_PKEY_meth_set_paramgen;
-+ BIO_new_PKCS7;
-+ EVP_PKEY_verify_recover;
-+ TS_ext_print_bio;
-+ TS_ASN1_INTEGER_print_bio;
-+ check_defer;
-+ DSO_pathbyaddr;
-+ EVP_PKEY_set_type;
-+ TS_ACCURACY_set_micros;
-+ TS_REQ_to_TS_VERIFY_CTX;
-+ EVP_PKEY_meth_set_copy;
-+ ASN1_PCTX_set_cert_flags;
-+ TS_TST_INFO_get_ext;
-+ EVP_PKEY_asn1_set_ctrl;
-+ TS_TST_INFO_get_ext_by_critical;
-+ EVP_PKEY_CTX_new_id;
-+ TS_REQ_get_ext_by_OBJ;
-+ TS_CONF_set_signer_cert;
-+ X509_NAME_hash_old;
-+ ASN1_TIME_set_string;
-+ EVP_MD_flags;
-+ TS_RESP_CTX_free;
-+ DSAparams_dup;
-+ DHparams_dup;
-+ OCSP_REQ_CTX_add1_header;
-+ OCSP_REQ_CTX_set1_req;
-+ X509_STORE_set_verify_cb;
-+ X509_STORE_CTX_get0_current_crl;
-+ X509_STORE_CTX_get0_parent_ctx;
-+ X509_STORE_CTX_get0_current_issuer;
-+ X509_STORE_CTX_get0_cur_issuer;
-+ X509_issuer_name_hash_old;
-+ X509_subject_name_hash_old;
-+ EVP_CIPHER_CTX_copy;
-+ UI_method_get_prompt_constructor;
-+ UI_method_get_prompt_constructr;
-+ UI_method_set_prompt_constructor;
-+ UI_method_set_prompt_constructr;
-+ EVP_read_pw_string_min;
-+ CRYPTO_cts128_encrypt;
-+ CRYPTO_cts128_decrypt_block;
-+ CRYPTO_cfb128_1_encrypt;
-+ CRYPTO_cbc128_encrypt;
-+ CRYPTO_ctr128_encrypt;
-+ CRYPTO_ofb128_encrypt;
-+ CRYPTO_cts128_decrypt;
-+ CRYPTO_cts128_encrypt_block;
-+ CRYPTO_cbc128_decrypt;
-+ CRYPTO_cfb128_encrypt;
-+ CRYPTO_cfb128_8_encrypt;
-+
-+ local:
-+ *;
-+};
-+
-+
-+OPENSSL_1.0.1 {
-+ global:
-+ SSL_renegotiate_abbreviated;
-+ TLSv1_1_method;
-+ TLSv1_1_client_method;
-+ TLSv1_1_server_method;
-+ SSL_CTX_set_srp_client_pwd_callback;
-+ SSL_CTX_set_srp_client_pwd_cb;
-+ SSL_get_srp_g;
-+ SSL_CTX_set_srp_username_callback;
-+ SSL_CTX_set_srp_un_cb;
-+ SSL_get_srp_userinfo;
-+ SSL_set_srp_server_param;
-+ SSL_set_srp_server_param_pw;
-+ SSL_get_srp_N;
-+ SSL_get_srp_username;
-+ SSL_CTX_set_srp_password;
-+ SSL_CTX_set_srp_strength;
-+ SSL_CTX_set_srp_verify_param_callback;
-+ SSL_CTX_set_srp_vfy_param_cb;
-+ SSL_CTX_set_srp_cb_arg;
-+ SSL_CTX_set_srp_username;
-+ SSL_CTX_SRP_CTX_init;
-+ SSL_SRP_CTX_init;
-+ SRP_Calc_A_param;
-+ SRP_generate_server_master_secret;
-+ SRP_gen_server_master_secret;
-+ SSL_CTX_SRP_CTX_free;
-+ SRP_generate_client_master_secret;
-+ SRP_gen_client_master_secret;
-+ SSL_srp_server_param_with_username;
-+ SSL_srp_server_param_with_un;
-+ SSL_SRP_CTX_free;
-+ SSL_set_debug;
-+ SSL_SESSION_get0_peer;
-+ TLSv1_2_client_method;
-+ SSL_SESSION_set1_id_context;
-+ TLSv1_2_server_method;
-+ SSL_cache_hit;
-+ SSL_get0_kssl_ctx;
-+ SSL_set0_kssl_ctx;
-+ SSL_set_state;
-+ SSL_CIPHER_get_id;
-+ TLSv1_2_method;
-+ kssl_ctx_get0_client_princ;
-+ SSL_export_keying_material;
-+ SSL_set_tlsext_use_srtp;
-+ SSL_CTX_set_next_protos_advertised_cb;
-+ SSL_CTX_set_next_protos_adv_cb;
-+ SSL_get0_next_proto_negotiated;
-+ SSL_get_selected_srtp_profile;
-+ SSL_CTX_set_tlsext_use_srtp;
-+ SSL_select_next_proto;
-+ SSL_get_srtp_profiles;
-+ SSL_CTX_set_next_proto_select_cb;
-+ SSL_CTX_set_next_proto_sel_cb;
-+ SSL_SESSION_get_compress_id;
-+
-+ SRP_VBASE_get_by_user;
-+ SRP_Calc_server_key;
-+ SRP_create_verifier;
-+ SRP_create_verifier_BN;
-+ SRP_Calc_u;
-+ SRP_VBASE_free;
-+ SRP_Calc_client_key;
-+ SRP_get_default_gN;
-+ SRP_Calc_x;
-+ SRP_Calc_B;
-+ SRP_VBASE_new;
-+ SRP_check_known_gN_param;
-+ SRP_Calc_A;
-+ SRP_Verify_A_mod_N;
-+ SRP_VBASE_init;
-+ SRP_Verify_B_mod_N;
-+ EC_KEY_set_public_key_affine_coordinates;
-+ EC_KEY_set_pub_key_aff_coords;
-+ EVP_aes_192_ctr;
-+ EVP_PKEY_meth_get0_info;
-+ EVP_PKEY_meth_copy;
-+ ERR_add_error_vdata;
-+ EVP_aes_128_ctr;
-+ EVP_aes_256_ctr;
-+ EC_GFp_nistp224_method;
-+ EC_KEY_get_flags;
-+ RSA_padding_add_PKCS1_PSS_mgf1;
-+ EVP_aes_128_xts;
-+ EVP_aes_256_xts;
-+ EVP_aes_128_gcm;
-+ EC_KEY_clear_flags;
-+ EC_KEY_set_flags;
-+ EVP_aes_256_ccm;
-+ RSA_verify_PKCS1_PSS_mgf1;
-+ EVP_aes_128_ccm;
-+ EVP_aes_192_gcm;
-+ X509_ALGOR_set_md;
-+ RAND_init_fips;
-+ EVP_aes_256_gcm;
-+ EVP_aes_192_ccm;
-+ CMAC_CTX_copy;
-+ CMAC_CTX_free;
-+ CMAC_CTX_get0_cipher_ctx;
-+ CMAC_CTX_cleanup;
-+ CMAC_Init;
-+ CMAC_Update;
-+ CMAC_resume;
-+ CMAC_CTX_new;
-+ CMAC_Final;
-+ CRYPTO_ctr128_encrypt_ctr32;
-+ CRYPTO_gcm128_release;
-+ CRYPTO_ccm128_decrypt_ccm64;
-+ CRYPTO_ccm128_encrypt;
-+ CRYPTO_gcm128_encrypt;
-+ CRYPTO_xts128_encrypt;
-+ EVP_rc4_hmac_md5;
-+ CRYPTO_nistcts128_decrypt_block;
-+ CRYPTO_gcm128_setiv;
-+ CRYPTO_nistcts128_encrypt;
-+ EVP_aes_128_cbc_hmac_sha1;
-+ CRYPTO_gcm128_tag;
-+ CRYPTO_ccm128_encrypt_ccm64;
-+ ENGINE_load_rdrand;
-+ CRYPTO_ccm128_setiv;
-+ CRYPTO_nistcts128_encrypt_block;
-+ CRYPTO_gcm128_aad;
-+ CRYPTO_ccm128_init;
-+ CRYPTO_nistcts128_decrypt;
-+ CRYPTO_gcm128_new;
-+ CRYPTO_ccm128_tag;
-+ CRYPTO_ccm128_decrypt;
-+ CRYPTO_ccm128_aad;
-+ CRYPTO_gcm128_init;
-+ CRYPTO_gcm128_decrypt;
-+ ENGINE_load_rsax;
-+ CRYPTO_gcm128_decrypt_ctr32;
-+ CRYPTO_gcm128_encrypt_ctr32;
-+ CRYPTO_gcm128_finish;
-+ EVP_aes_256_cbc_hmac_sha1;
-+ PKCS5_pbkdf2_set;
-+ CMS_add0_recipient_password;
-+ CMS_decrypt_set1_password;
-+ CMS_RecipientInfo_set0_password;
-+ RAND_set_fips_drbg_type;
-+ X509_REQ_sign_ctx;
-+ RSA_PSS_PARAMS_new;
-+ X509_CRL_sign_ctx;
-+ X509_signature_dump;
-+ d2i_RSA_PSS_PARAMS;
-+ RSA_PSS_PARAMS_it;
-+ RSA_PSS_PARAMS_it;
-+ RSA_PSS_PARAMS_free;
-+ X509_sign_ctx;
-+ i2d_RSA_PSS_PARAMS;
-+ ASN1_item_sign_ctx;
-+ EC_GFp_nistp521_method;
-+ EC_GFp_nistp256_method;
-+ OPENSSL_stderr;
-+ OPENSSL_cpuid_setup;
-+ OPENSSL_showfatal;
-+ BIO_new_dgram_sctp;
-+ BIO_dgram_sctp_msg_waiting;
-+ BIO_dgram_sctp_wait_for_dry;
-+ BIO_s_datagram_sctp;
-+ BIO_dgram_is_sctp;
-+ BIO_dgram_sctp_notification_cb;
-+} OPENSSL_1.0.0;
-+
-Index: openssl-1.0.1/engines/openssl.ld
-===================================================================
---- /dev/null 1970-01-01 00:00:00.000000000 +0000
-+++ openssl-1.0.1/engines/openssl.ld 2012-03-17 11:25:15.000000000 +0000
-@@ -0,0 +1,10 @@
-+OPENSSL_1.0.0 {
-+ global:
-+ bind_engine;
-+ v_check;
-+ OPENSSL_init;
-+ OPENSSL_finish;
-+ local:
-+ *;
-+};
-+
-Index: openssl-1.0.1/engines/ccgost/openssl.ld
-===================================================================
---- /dev/null 1970-01-01 00:00:00.000000000 +0000
-+++ openssl-1.0.1/engines/ccgost/openssl.ld 2012-03-17 11:25:15.000000000 +0000
-@@ -0,0 +1,10 @@
-+OPENSSL_1.0.0 {
-+ global:
-+ bind_engine;
-+ v_check;
-+ OPENSSL_init;
-+ OPENSSL_finish;
-+ local:
-+ *;
-+};
-+
-