Another merge from the 0.9.6 branch.

diff --git a/CHANGES b/CHANGES
index cc1e6cac48ee13341dba0daf84360bd255741f22..00705a41942d1e08a967ac08b26418e175528763 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -4,6 +4,12 @@
 
  Changes between 0.9.6b and 0.9.6c  [XX xxx XXXX]
 
+  *) Fix BN_rand_range bug pointed out by Dominikus Scherkl
+     <Dominikus.Scherkl@biodata.com>.  (The previous implementation
+     worked incorrectly for those cases where  range = 10..._2  and
+     3*range  is two bits longer than  range.)
+     [Bodo Moeller]
+
   *) Only add signing time to PKCS7 structures if it is not already
      present.
      [Steve Henson]
@@ -226,6 +232,16 @@
      a race condition if 0 is a valid thread ID.
      [Travis Vitek <vitek@roguewave.com>]
 
+  *) Add support for shared libraries under Irix.
+     [Albert Chin-A-Young <china@thewrittenword.com>]
+
+  *) Add configuration option to build on Linux on both big-endian and
+     little-endian MIPS.
+     [Ralf Baechle <ralf@uni-koblenz.de>]
+
+  *) Add the possibility to create shared libraries on HP-UX.
+     [Richard Levitte]
+
  Changes between 0.9.6a and 0.9.6b  [9 Jul 2001]
 
   *) Change ssleay_rand_bytes (crypto/rand/md_rand.c)
@@ -589,16 +605,6 @@
      be changed again when we can guarantee backward binary compatibility.
      [Richard Levitte]
 
-  *) Add support for shared libraries under Irix.
-     [Albert Chin-A-Young <china@thewrittenword.com>]
-
-  *) Add configuration option to build on Linux on both big-endian and
-     little-endian MIPS.
-     [Ralf Baechle <ralf@uni-koblenz.de>]
-
-  *) Add the possibility to create shared libraries on HP-UX
-     [Richard Levitte]
-
   *) Fix typo in get_cert_by_subject() in by_dir.c
      [Jean-Marc Desperrier <jean-marc.desperrier@certplus.com>]
 

diff --git a/config b/config
index 9c0a9115b40a3df1ba82ba8748542be940da54b7..c5243e05fea50beaa5720cf336e4b9f34991bbbf 100755 (executable)
--- a/config
+++ b/config
@@ -298,6 +298,10 @@ case "${SYSTEM}:${RELEASE}:${VERSION}:${MACHINE}" in
        echo "mips-sony-newsos4"; exit 0;
        ;;
 
+    CYGWIN*)
+       echo "${MACHINE}-whatever-cygwin32"; exit 0
+       ;;
+
 esac
 
 #
@@ -556,6 +560,8 @@ EOF
   # *-aix) OUT="aix-$CC" ;;
   # *-dgux) OUT="dgux" ;;
   mips-sony-newsos4) OUT="newsos4-gcc" ;;
+  *-*-cygwin32) OUT="CygWin32"
+               options="$options no-threads no-asm" ;;
   *) OUT=`echo $GUESSOS | awk -F- '{print $3}'`;;
 esac
 

diff --git a/crypto/asn1/asn1.h b/crypto/asn1/asn1.h
index 5e197a87369312feb8eede49fb0c636f757638fe..65dc5eda27ba420f11788ec721a392a57a981fd7 100644 (file)
--- a/crypto/asn1/asn1.h
+++ b/crypto/asn1/asn1.h
@@ -834,8 +834,6 @@ void ASN1_HEADER_free(ASN1_HEADER *a);
 
 int ASN1_UNIVERSALSTRING_to_string(ASN1_UNIVERSALSTRING *s);
 
-void ERR_load_ASN1_strings(void);
-
 /* Not used that much at this point, except for the first two */
 ASN1_METHOD *X509_asn1_meth(void);
 ASN1_METHOD *RSAPrivateKey_asn1_meth(void);

diff --git a/crypto/bio/bio.h b/crypto/bio/bio.h
index 35dee5fcddb2ef999015db2a195532fdedef39c1..3777f2866bdfbe3b2e04b955b0e813d3c9300b0b 100644 (file)
--- a/crypto/bio/bio.h
+++ b/crypto/bio/bio.h
@@ -588,8 +588,6 @@ int BIO_sock_init(void );
 void BIO_sock_cleanup(void);
 int BIO_set_tcp_ndelay(int sock,int turn_on);
 
-void ERR_load_BIO_strings(void );
-
 BIO *BIO_new_socket(int sock, int close_flag);
 BIO *BIO_new_fd(int fd, int close_flag);
 BIO *BIO_new_connect(char *host_port);

diff --git a/crypto/bn/bn.h b/crypto/bn/bn.h
index cadb438abae464c5660d66938762678b22b09f76..7ce9d8ce331572c3c7bc0534d87a4f4b2969640c 100644 (file)
--- a/crypto/bn/bn.h
+++ b/crypto/bn/bn.h
@@ -406,7 +406,6 @@ int BN_is_prime(const BIGNUM *p,int nchecks,
 int    BN_is_prime_fasttest(const BIGNUM *p,int nchecks,
                void (*callback)(int,int,void *),BN_CTX *ctx,void *cb_arg,
                int do_trial_division);
-void   ERR_load_BN_strings(void );
 
 BN_MONT_CTX *BN_MONT_CTX_new(void );
 void BN_MONT_CTX_init(BN_MONT_CTX *ctx);

diff --git a/crypto/bn/bn_rand.c b/crypto/bn/bn_rand.c
index b368d12f807e8aee40f40ef73d7c7c5dc9d03425..4944ffbf232f3b432312f0aba1fedb3237fe1d32 100644 (file)
--- a/crypto/bn/bn_rand.c
+++ b/crypto/bn/bn_rand.c
@@ -238,22 +238,15 @@ static int bn_rand_range(int pseudo, BIGNUM *r, BIGNUM *range)
 
        n = BN_num_bits(range); /* n > 0 */
 
+       /* BN_is_bit_set(range, n - 1) always holds */
+
        if (n == 1)
                {
                if (!BN_zero(r)) return 0;
                }
-       else if (BN_is_bit_set(range, n - 2))
-               {
-               do
-                       {
-                       /* range = 11..._2, so each iteration succeeds with probability >= .75 */
-                       if (!bn_rand(r, n, -1, 0)) return 0;
-                       }
-               while (BN_cmp(r, range) >= 0);
-               }
-       else
+       else if (!BN_is_bit_set(range, n - 2) && !BN_is_bit_set(range, n - 3))
                {
-               /* range = 10..._2,
+               /* range = 100..._2,
                 * so  3*range (= 11..._2)  is exactly one bit longer than  range */
                do
                        {
@@ -272,6 +265,15 @@ static int bn_rand_range(int pseudo, BIGNUM *r, BIGNUM *range)
                        }
                while (BN_cmp(r, range) >= 0);
                }
+       else
+               {
+               do
+                       {
+                       /* range = 11..._2  or  range = 101..._2 */
+                       if (!bn_rand(r, n, -1, 0)) return 0;
+                       }
+               while (BN_cmp(r, range) >= 0);
+               }
 
        return 1;
        }

diff --git a/crypto/buffer/buffer.h b/crypto/buffer/buffer.h
index afe7a46d438d1197f95655544da0e3ae2f0bfc9f..11e2d0359a11bf4cf3044e01f3b4da8f7532d86c 100644 (file)
--- a/crypto/buffer/buffer.h
+++ b/crypto/buffer/buffer.h
@@ -75,8 +75,6 @@ void  BUF_MEM_free(BUF_MEM *a);
 int    BUF_MEM_grow(BUF_MEM *str, int len);
 char * BUF_strdup(const char *str);
 
-void ERR_load_BUF_strings(void );
-
 /* BEGIN ERROR CODES */
 /* The following lines are auto generated by the script mkerr.pl. Any changes
  * made after this point may be overwritten when the script is next run.

diff --git a/crypto/conf/conf.h b/crypto/conf/conf.h
index 7612656f8b08d1db4f9c9ea56a0b64b3c1983eac..31e4005f3d2492ec11b1ee71347497d9584a43f0 100644 (file)
--- a/crypto/conf/conf.h
+++ b/crypto/conf/conf.h
@@ -108,7 +108,6 @@ long CONF_get_number(LHASH *conf,char *group,char *name);
 void CONF_free(LHASH *conf);
 int CONF_dump_fp(LHASH *conf, FILE *out);
 int CONF_dump_bio(LHASH *conf, BIO *out);
-void ERR_load_CONF_strings(void );
 
 /* New conf code.  The semantics are different from the functions above.
    If that wasn't the case, the above functions would have been replaced */

diff --git a/crypto/crypto.h b/crypto/crypto.h
index 3a670a150123b0e855f7b5ee2cd1f88e8c9c2732..d8258fcc792029ac2552a6085a8cb939d6b5588b 100644 (file)
--- a/crypto/crypto.h
+++ b/crypto/crypto.h
@@ -382,8 +382,6 @@ void CRYPTO_mem_leaks(struct bio_st *bio);
 /* unsigned long order, char *file, int line, int num_bytes, char *addr */
 void CRYPTO_mem_leaks_cb(void (*cb)(unsigned long, const char *, int, int, void *));
 
-void ERR_load_CRYPTO_strings(void);
-
 /* BEGIN ERROR CODES */
 /* The following lines are auto generated by the script mkerr.pl. Any changes
  * made after this point may be overwritten when the script is next run.

diff --git a/crypto/dh/dh.h b/crypto/dh/dh.h
index a0d21cb1fdc7b3fa2ae27e2095b2f5ba9e62d605..c7c74e0404d4bd101dc26956c77604d1db275a02 100644 (file)
--- a/crypto/dh/dh.h
+++ b/crypto/dh/dh.h
@@ -186,7 +186,6 @@ int DHparams_print(BIO *bp, DH *x);
 #else
 int    DHparams_print(char *bp, DH *x);
 #endif
-void   ERR_load_DH_strings(void );
 
 /* BEGIN ERROR CODES */
 /* The following lines are auto generated by the script mkerr.pl. Any changes

diff --git a/crypto/dsa/dsa.h b/crypto/dsa/dsa.h
index 1bce5419daeb549a96e5d192c2973fe2b83737c3..26d13aab1991e38245c597784151d198a4081c7f 100644 (file)
--- a/crypto/dsa/dsa.h
+++ b/crypto/dsa/dsa.h
@@ -190,8 +190,6 @@ int DSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
 int DSA_set_ex_data(DSA *d, int idx, void *arg);
 void *DSA_get_ex_data(DSA *d, int idx);
 
-void   ERR_load_DSA_strings(void );
-
 DSA *  d2i_DSAPublicKey(DSA **a, unsigned char **pp, long length);
 DSA *  d2i_DSAPrivateKey(DSA **a, unsigned char **pp, long length);
 DSA *  d2i_DSAparams(DSA **a, unsigned char **pp, long length);

diff --git a/crypto/dso/dso.h b/crypto/dso/dso.h
index a2ff75d8ad17586c9d95f3293415b6cd7f834ebc..c1136eccb6470d13bc98a0cc5c4da1c6e8f116a8 100644 (file)
--- a/crypto/dso/dso.h
+++ b/crypto/dso/dso.h
@@ -194,8 +194,6 @@ DSO_METHOD *DSO_METHOD_win32(void);
 /* If VMS is defined, use shared images. If not, return NULL. */
 DSO_METHOD *DSO_METHOD_vms(void);
 
-void ERR_load_DSO_strings(void);
-
 /* BEGIN ERROR CODES */
 /* The following lines are auto generated by the script mkerr.pl. Any changes
  * made after this point may be overwritten when the script is next run.

diff --git a/crypto/evp/evp.h b/crypto/evp/evp.h
index 9e1080e7c223851499fac9c7ea5c7ca37c773ce0..a61e46b7613d84ed4f9871830e941e41d104dfc4 100644 (file)
--- a/crypto/evp/evp.h
+++ b/crypto/evp/evp.h
@@ -603,8 +603,6 @@ int EVP_DecodeFinal(EVP_ENCODE_CTX *ctx, unsigned
                char *out, int *outl);
 int    EVP_DecodeBlock(unsigned char *t, const unsigned char *f, int n);
 
-void   ERR_load_EVP_strings(void );
-
 void EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *a);
 int EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *a);
 int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *x, int keylen);

diff --git a/crypto/objects/objects.h b/crypto/objects/objects.h
index 3980cbc8cb19db99aad262f4a7318ded846b4f10..990a6b8e4db383b778c2fb7fa1a0c9e81c63d12a 100644 (file)
--- a/crypto/objects/objects.h
+++ b/crypto/objects/objects.h
@@ -1005,8 +1005,6 @@ int               OBJ_sn2nid(const char *s);
 int            OBJ_cmp(ASN1_OBJECT *a,ASN1_OBJECT *b);
 char *         OBJ_bsearch(char *key,char *base,int num,int size,int (*cmp)(const void *, const void *));
 
-void           ERR_load_OBJ_strings(void );
-
 int            OBJ_new_nid(int num);
 int            OBJ_add_object(ASN1_OBJECT *obj);
 int            OBJ_create(char *oid,char *sn,char *ln);

diff --git a/crypto/pem/pem.h b/crypto/pem/pem.h
index 7dbc94d4bdabe879f5943538eab99ecc951d8947..3867b2ba80a265839bf0c9c9d298df3b4a10606b 100644 (file)
--- a/crypto/pem/pem.h
+++ b/crypto/pem/pem.h
@@ -524,8 +524,6 @@ void    PEM_SignUpdate(EVP_MD_CTX *ctx,unsigned char *d,unsigned int cnt);
 int    PEM_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret,
                unsigned int *siglen, EVP_PKEY *pkey);
 
-void   ERR_load_PEM_strings(void);
-
 void   PEM_proc_type(char *buf, int type);
 void   PEM_dek_info(char *buf, const char *type, int len, char *str);
 

diff --git a/crypto/pkcs12/pkcs12.h b/crypto/pkcs12/pkcs12.h
index 1241f1f633844013e1487395a776b0b8b3310f59..fefa1a6a1f572c584663e9ede6fa73370617df39 100644 (file)
--- a/crypto/pkcs12/pkcs12.h
+++ b/crypto/pkcs12/pkcs12.h
@@ -267,7 +267,6 @@ PKCS12_SAFEBAG *PKCS12_SAFEBAG_new(void);
 PKCS12_SAFEBAG *d2i_PKCS12_SAFEBAG(PKCS12_SAFEBAG **a, unsigned char **pp,
                                                                 long length);
 void PKCS12_SAFEBAG_free(PKCS12_SAFEBAG *a);
-void ERR_load_PKCS12_strings(void);
 void PKCS12_PBE_add(void);
 int PKCS12_parse(PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert,
                 STACK_OF(X509) **ca);

diff --git a/crypto/pkcs7/pkcs7.h b/crypto/pkcs7/pkcs7.h
index c5cd4b951aabc490bea6f3b124ecf4dda603b7f3..5baaa784dece3aca31944636f2d94a92423fa36a 100644 (file)
--- a/crypto/pkcs7/pkcs7.h
+++ b/crypto/pkcs7/pkcs7.h
@@ -353,8 +353,6 @@ int                         i2d_PKCS7(PKCS7 *a,
 PKCS7                  *d2i_PKCS7(PKCS7 **a,
                                unsigned char **pp,long length);
 
-void ERR_load_PKCS7_strings(void);
-
 
 long PKCS7_ctrl(PKCS7 *p7, int cmd, long larg, char *parg);
 

diff --git a/crypto/rand/rand.h b/crypto/rand/rand.h
index 1347fa0b0e5e0bd27bb9c8f1eeea52f2a7f529a0..6fd0c0aedb577e8ab519d34b9d29ebcf076e2191 100644 (file)
--- a/crypto/rand/rand.h
+++ b/crypto/rand/rand.h
@@ -95,7 +95,6 @@ const char *RAND_file_name(char *file,size_t num);
 int RAND_status(void);
 int RAND_egd(const char *path);
 int RAND_egd_bytes(const char *path,int bytes);
-void ERR_load_RAND_strings(void);
 int RAND_poll(void);
 
 #ifdef  __cplusplus

diff --git a/crypto/rsa/rsa.h b/crypto/rsa/rsa.h
index ac21027d1a8f04124194ac12b1f07f275069e049..3b2f468e69b791a99680e64e02c8b53f3b4f85ff 100644 (file)
--- a/crypto/rsa/rsa.h
+++ b/crypto/rsa/rsa.h
@@ -214,8 +214,6 @@ RSA_METHOD *RSA_PKCS1_SSLeay(void);
 
 RSA_METHOD *RSA_null_method(void);
 
-void   ERR_load_RSA_strings(void );
-
 RSA *  d2i_RSAPublicKey(RSA **a, unsigned char **pp, long length);
 int    i2d_RSAPublicKey(RSA *a, unsigned char **pp);
 RSA *  d2i_RSAPrivateKey(RSA **a, unsigned char **pp, long length);

diff --git a/crypto/x509/x509.h b/crypto/x509/x509.h
index 088319a568a1fb92ae6c5fc7c320632a91217a24..385c2e1f4d8f85a7ca87ddb17c4ea5cd9d46cda8 100644 (file)
--- a/crypto/x509/x509.h
+++ b/crypto/x509/x509.h
@@ -810,7 +810,6 @@ const char *        X509_get_default_private_dir(void );
 
 X509_REQ *     X509_to_X509_REQ(X509 *x, EVP_PKEY *pkey, const EVP_MD *md);
 X509 *         X509_REQ_to_X509(X509_REQ *r, int days,EVP_PKEY *pkey);
-void ERR_load_X509_strings(void );
 
 X509_ALGOR *   X509_ALGOR_new(void );
 void           X509_ALGOR_free(X509_ALGOR *a);

diff --git a/crypto/x509v3/x509v3.h b/crypto/x509v3/x509v3.h
index 07dc5713bb9818224d4a3c66d15c2cf05a031747..f810d464088f42a119a48ffaa07720ba2e8fb33c 100644 (file)
--- a/crypto/x509v3/x509v3.h
+++ b/crypto/x509v3/x509v3.h
@@ -354,7 +354,6 @@ typedef struct x509_purpose_st {
 
 DECLARE_STACK_OF(X509_PURPOSE)
 
-void ERR_load_X509V3_strings(void);
 int i2d_BASIC_CONSTRAINTS(BASIC_CONSTRAINTS *a, unsigned char **pp);
 BASIC_CONSTRAINTS *d2i_BASIC_CONSTRAINTS(BASIC_CONSTRAINTS **a, unsigned char **pp, long length);
 BASIC_CONSTRAINTS *BASIC_CONSTRAINTS_new(void);

diff --git a/rsaref/rsaref.h b/rsaref/rsaref.h
index 9bfcd704ddd081f8d16d1a3ecd72a6d8e452130f..4e99bda059633f401f25f9daa4ec154aa61194f7 100644 (file)
--- a/rsaref/rsaref.h
+++ b/rsaref/rsaref.h
@@ -131,7 +131,6 @@ int R_GetRandomBytesNeeded(unsigned int *,RSARandomState *rnd);
 int R_RandomUpdate(RSARandomState *rnd, unsigned char *data, unsigned int n);
 int R_RandomFinal(RSARandomState *rnd);
 
-void ERR_load_RSAREF_strings(void );
 RSA_METHOD *RSA_PKCS1_RSAref(void );
 
 #ifdef  __cplusplus

diff --git a/ssl/ssl.h b/ssl/ssl.h
index 54af2fd3ab5144167e4ce7070efff63b2e79840b..555ff708f9e61e004ee297e0ac4d6c8faa244a44 100644 (file)
--- a/ssl/ssl.h
+++ b/ssl/ssl.h
@@ -989,7 +989,6 @@ int SSL_add_dir_cert_subjects_to_stack(STACK_OF(X509_NAME) *stackCAs,
                                           const char *dir);
 #endif
 
-void   ERR_load_SSL_strings(void );
 void   SSL_load_error_strings(void );
 char *         SSL_state_string(SSL *s);
 char *         SSL_rstate_string(SSL *s);

diff --git a/util/libeay.num b/util/libeay.num
index febaa9998753f75233f94a0a140d6df8a5e24d12..24b6319fd534edd8d2bc4968825a6378e4765cae 100755 (executable)
--- a/util/libeay.num
+++ b/util/libeay.num
@@ -1933,3 +1933,4 @@ ENGINE_get_ctrl_function                2521      EXIST::FUNCTION:
 ENGINE_set_ctrl_function                2522   EXIST::FUNCTION:
 BN_pseudo_rand_range                    2523   EXIST::FUNCTION:
 X509_STORE_CTX_set_verify_cb            2524   EXIST::FUNCTION:
+ERR_load_COMP_strings                   2525   EXIST::FUNCTION:

diff --git a/util/mkdef.pl b/util/mkdef.pl
index ba453358cf92da31d554fd939da6110ed5b57ac6..d84acfa3e5e186bcad7c9c9a25ba2fe901d791a9 100755 (executable)
--- a/util/mkdef.pl
+++ b/util/mkdef.pl
@@ -294,8 +294,10 @@ sub do_defs
                        TRUE            => 1,
                );
                my $symhacking = $file eq $symhacksfile;
+               my $begin_error_codes = 0;
                while(<IN>) {
-                       last if (/BEGIN ERROR CODES/);
+                       $begin_error_codes = 1 if (/BEGIN ERROR CODES/);
+                       last if ($begin_error_codes && /Error codes for /);
                        if ($line ne '') {
                                $_ = $line . $_;
                                $line = '';